The Entertainment Software Association (ESA) have leaked over six thousand more names and personal details from members of the games media than was previously thought, the company confirmed to Rock Paper Shotgun. In addition to the 2025 journalists, bloggers, analysts, and streamers whose physical addresses, phone numbers, and e-mail handles were made public in last week’s leak of E3 2019 info, information for media attending two earlier years of E3 conferences was also made available through public spreadsheets.
These gushing leaks started last week when YouTuber Sophia Narwitz noted that private details had been available online for an unknown period of time on a publicly-accessible website, and could be downloaded via a link titled “registered media list.” This kind of media list is meant to be private, and typically is only used by games industry folk to arrange gameplay demonstrations, interviews, meetings and the like at E3 each year.
“The file was located in a password-protected section of the E3 website, which was intended for exhibitors only,” ESA spokesperson Dan Hewitt told us about the initial leak. “As soon as we learned of this issue, we took immediate action. We removed the file from the website, we disabled access to the site’s exhibitor portal, and we notified those affected. In addition, we launched a process to locate and remove private and public caches and other publicly-accessible online locations that contained the file.”
That’s how they turned up the latest load of leaks. These new discoveries are far older, dating back to 2004 and 2006.
In one spreadsheet, which GamesIndustry.biz saw after searching an archived older version of the E3 website, the personal information of 2800 journalists was publicly available. A second list from another E3 included information of more than 3300 members of the media.
“We took immediate steps to have those files removed, and we received confirmation today that all files were taken down from the third-party site,” the ESA say in their statement. “We also immediately notified those persons impacted.”
But in an era where pivacy is at the tip of every tongue, perhaps an online internet spreadsheet which can be sleuthed out using the Sherlockian medium of Google’s archives isn’t the best way to keep information safe.
“We are working with our partners, outside counsel, and independent experts to investigate what led to this situation and to enhance our security efforts,” they concluded. “We are still investigating the matter to gain a full understanding of the facts and circumstances that led to the issue.”