Although no sensitive payment info was exposed, individual details, consisting of e-mail addresses, can be utilized for phishing projects to obtain additional information such as passwords for online accounts or payment information.
No credit card information, but customers email and mailing addresses were compromised.Image: Volodymyr Diachenko
Since of a server misconfiguration, Security researcher Volodymyr Diachenko found that client information on Razers website was made openly readily available on August 18th. A redacted sample visualized below programs records of orders made on the businesss digital shop, exposing personal information including email and mailing addresses, the type of product bought, and phone numbers. Charge card info was not included.
Razer accidentally exposed over 100,000 gamers personal info for close to a month, according to a new report.
Update September 14th, 1:07 PM ET: Added a statement from Razer to The Verge.
After finding the misconfiguration online, Diachenko says he reached out to Razer several times over the span of 3 weeks before receiving a reply. In a statement sent out to Diachenko, the video gaming hardware maker acknowledged the server misconfiguration and that the data leakage possibly exposed personal info like complete names, phone numbers, and shipping addresses for customers.