WMH heeft op het AltiusRT domein (het systeem waarin alle wedstrijddata wordt bijgehouden) een security issue geconstateerd.
Hierbij is mogelijkerwijs (er is geen direct bewijs) privacy data (geboortedata en email adressen) van spelers/sters toegangkelijk geweest. Het betreft enkel spelers/sters die een goal hebben gescoord of een kaart hebben gekregen bij een van de officiële WMH wedstrijden/toernooien. De data was niet direct zichtbaar maar wel toegangkelijk voor externe systemen. De issue is inmiddels opgelost.
De issue wordt gemonitord en wanneer nodig krijgen we nieuwsupdates.
Dear Continental Federations, WMH Members and Masters community,
World Masters Hockey (WMH) is committed to protecting the privacy and security of our hockey community's data.
We were recently notified of an inadvertent data exposure involving the AltiusRT competition management platform (used at WMH events) which resulted in some personal information being unintentionally accessible, noting this issue has now been resolved
AltiusRT has confirmed that some personal information, dates of birth and email addresses) was unintentionally accessible within the background code of public match pages. While this information was not directly visible, it could have been accessed by individuals with technical knowledge or automated systems that scan web data.
The exposure was limited to athletes who had either scored a goal or received a card during a match and some match/team officials. The majority of affected individuals only had their date of birth exposed whilst a smaller percentage also had their email address included.
The data exposure has impacted multiple hockey organisations globally with over 40,000 individuals affected.
The exposure was identified via external independent testing. Upon being notified of the issue, AltiusRT took immediate action to contain and resolve the exposure. The following measures have been implemented;
The underlying vulnerability has been fixed, ensuring that affected data is no longer accessible.
Privacy settings have been strengthened, restricting access to personal information to authenticated users only.
Additional security controls and database protections have been enhanced to further enhance data integrity.
Cybersecurity experts have supported the assessment and remediation process, ensuring best-practice security measures are in place.
WMH takes cybersecurity seriously and encourages our hockey community to take steps to protect their personal information online. While there is no evidence of misuse, cybercriminals may exploit publicly available data to impersonate trusted organisations or attempt fraud.
To help keep your accounts and personal data safe, we recommend the following:
We appreciate the cooperation and understanding of our hockey community as we work with our supplier to address this matter.
WMH’s Privacy Policy - https://worldmastershockey.org/wmhdocuments/privacy-policy/
World Masters Hockey
12 March 2025
www.worldmastershockey.org