Gaming equipment maker, Razer Inc has exposed a database online which contained 100,000 records of personally identifiable information of its customers. These include name, email address, and billing details, but no payment data. The reason for this leakage was identified as the misconfigured server, that’s left online without any password.
Razer Leaks Customer Data Online!
Razer is a Singapore-America based company that’s specialized in making gaming gear like a mouse, keyboard, headphones, and even laptops.
Products of this brand are recognized as trusted for high-end gaming in most countries. They sell their products through their online website, online partners, and offline retailers.
Regarding your own website sales, it’s found the company hasn’t set a password to its database, which has details about customers’ purchases, their contact details like phone number, email address, billing, and shipping address.
Though there’s no financial data involved in this, the entire database contained 100,000 records and was found online accessible to anyone through any search engine.
This was initially found by a security researcher, Bob Diachenko, who reported Razer through its customer support emails but failed to have them secure it. But after posting about the incident in a LinkedIn post, the company replied saying that it was aware “a server misconfiguration that potentially exposed order details, customer and shipping information.”
Also, it reiterated that “no other sensitive data such as credit card numbers or passwords were exposed. The server misconfiguration has been fixed on 9 Sept, prior to the lapse being made public.” Finally, it thanked Bob Diachenko and apologized for leaking it, with a word that it will “conduct a thorough review of our IT security and systems.”
What does this mean to Razer Customers?
If you’ve purchased something from Razer via its online website, you should better be cautious about any potential cyberattacks. It’s not known that anyone may have accessed the open database or not, thus making sure avoiding phishing emails or interacting with suspicious emails is recommended.
