
In a significant data security lapse, a publicly exposed database containing over 31 million logging records was discovered without password protection or encryption, raising serious concerns about the privacy of TrackMan’s customers. TrackMan, a prominent sports technology company known for its golf simulators, launch monitors, and sports analytics solutions, appears to be at the center of this breach. The exposed data included potentially sensitive customer information such as usernames, email addresses, device details, IP addresses, and security tokens, all totaling a staggering 110 terabytes of data.
The breach was uncovered when a researcher stumbled upon the unsecured database and immediately sent a responsible disclosure notice. Public access to the database was restricted the same day, but it remains unclear how long the data was exposed or whether any unauthorized parties accessed it. Among the leaked information were highly detailed session reports containing statistics and analytics that are part of TrackMan’s advanced sports tracking solutions, which are widely used in golf and baseball coaching, broadcasting, and player development.
TrackMan, renowned for its use of Doppler radar and imaging technology to provide performance data such as ball speed, club angle, and player movement, has not responded to inquiries or acknowledged the breach. It is also unknown whether the exposed database was managed by TrackMan directly or by a third-party contractor. An internal forensic audit is necessary to assess the full extent of the breach, including whether any suspicious activity or unauthorized access occurred.
TrackMan’s technology is a staple in professional sports analytics and broadcasting, providing real-time performance data and enhancing the viewer experience with detailed statistics. This incident highlights the critical importance of securing customer data, especially for companies dealing with sensitive performance and personal information. The lack of encryption or password protection has placed millions of customers at risk, and only time will tell if the company will offer transparency and measures to mitigate potential harm.