Cyber Incident Victim: World Wrestling Entertainment
Date:
Jan 2017
Location:
United States of America
Summary
A hacker group compromised multiple social media accounts associated with a professional wrestling organization, including official brand profiles and individual wrestlers' handles, along with breaching a major news network's Facebook pages. The attackers posted messages claiming to test security vulnerabilities and promoting their own protection services, which were removed shortly after unauthorized access. The organization confirmed the incident and regained control of its accounts, while the perpetrators asserted they exploited linked administrative credentials and selected targets randomly. This group has previously targeted other high-profile entertainment entities, streaming platforms, sports leagues, and technology executives under similar pretexts of exposing security weaknesses.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On January 28, 2017, the hacker group OurMine compromised multiple official World Wrestling Entertainment (WWE) social media accounts. The breach affected the Twitter handles of WWE Universe, WWE NXT, WWE Network, SummerSlam, and wrestlers John Cena and Triple H, alongside WWE’s Tumblr page. OurMine posted identical messages across all compromised accounts stating, "Hey, it's OurMine we are just testing your security, please contact us for more information, Thanks," accompanied by their logo. The group later claimed the WWE accounts were linked to the head of social media’s account, enabling broad access. WWE acknowledged the incident in a statement to Mashable, confirming the accounts were hacked for a brief period on Saturday evening and subsequently resecured. No data theft or prolonged disruption was reported. The following day, January 29, OurMine expanded their activity by briefly breaching CNN’s official Facebook account, CNN International, and CNN Politics pages, leaving identical messages before removal within approximately 30 minutes.
OurMine characterized itself as an "elite hacker group" focused on exposing vulnerabilities, asserting no malicious intent but offering paid security services through their website. A representative stated targets were chosen randomly rather than through deliberate selection. The WWE and CNN incidents followed a pattern of high-profile breaches in 2016–2017, including prior compromises of Marvel, Netflix, and NFL social media accounts, alongside intrusions into BuzzFeed, Variety, and TechCrunch websites. Previous individual targets included Facebook CEO Mark Zuckerberg, Twitter co-founder Jack Dorsey, Wikipedia’s Jimmy Wales, and Sony’s Shuhei Yoshida. In each case, OurMine emphasized security testing over data exfiltration or destructive actions, though their unauthorized access prompted temporary operational disruptions and reputational scrutiny for affected organizations.