HackDig : Dig high-quality web security articles for hackers

Razer data leak exposes personal information of gamers

2020-09-12 16:08


Gaming hardware manufacturer Razer has suffered a data leak after an unsecured database for their online store was exposed online.

Razer is a Singaporean-American gaming hardware manufacturer known for their mice, keyboards, and other high-end gaming devices.

Around August 19th, security researcher Bob Diachenko found an unsecured database that exposed the information of approximately 100,000 people who purchased items from Razer's online store.

This exposed information included a customer's name, email address, phone number, order numbers, order details, and billing and shipping addresses, as shown below.

Razer data exposed by unsecured database
Razer data exposed by unsecured database

For a few weeks, Diachenko attempted to contact someone at Razer who could secure the exposed database.

Bob Tweet

In a statement to Diachenko's LinkedIn article, Razer stated that they finally secured the database server on September 9th, and thanked the researcher for his help.

"We were made aware by Mr. Volodymyr of a server misconfiguration that potentially exposed order details, customer and shipping information. No other sensitive data such as credit card numbers or passwords was exposed. The server misconfiguration has been fixed on 9 Sept, prior to the lapse being made public. 

We would like to thank you, sincerely apologize for the lapse and have taken all necessary steps to fix the issue as well as conduct a thorough review of our IT security and systems. We remain committed to ensure the digital safety and security of all our customers."

What should affected Razer customers do?

If threat actors accessed this data, they could use the information in targeted phishing campaigns to gather more sensitive information such as passwords and credit card details.

While it is not known if any threat actors accessed the exposed data before it was secured, it is vital for those affected to be diligent against potential spear-phishing campaigns.

If you have ever purchased anything from Razer's online store, be cautious of any emails that state they are from the gaming company.

Furthermore, if you receive an email claiming to be from Razer, be sure to only log in at razer.com and not at other sites.


Source: remag-fo-noitamrofni-lanosrep-sesopxe-kael-atad-rezar/ytiruces/swen/moc.retupmocgnipeelb.www

Read:393 | Comments:0 | Tags:Security Gaming data leak

“Razer data leak exposes personal information of gamers”0 Comments

Submit A Comment



Blog :

Verification Code: