A security researcher said she was able to access several internal FIFA platforms due to a simple security flaw, which allowed her to watch and have full control of the TV stream of every World Cup game.
The researcher, who goes by BobDaHacker, said she simply registered as a player agent on FIFA’s official agent registration platform. Then, thanks to having that account and a flaw in FIFA’s back-end API, which didn’t check if a user actually had the proper authorization, she was able to access several internal FIFA platforms.
