Personal information of over 1 lakh gamers leaked


San Francisco, Sep 15 (IANS): Gaming hardware vendor Razer has accidentally exposed personal information of over one lakh gamers that was available for nearly a month for hackers to exploit.

Security researcher Volodymyr Diachenko first discovered that customer data on Razer's website was made publicly available on August 18 because of a server misconfiguration.

Leaked data included full name, email, phone number, customer internal ID, order number, order details, billing and shipping address.

After discovering the misconfiguration online, Diachenko reached out to Razer several times over the span of three weeks before receiving a reply.

"My message never reached the right people inside the company and was processed by non-technical support managers for more than three weeks until the instance was secured from public access," Diachenko said in a post on LinkedIn.

Razer is a global gaming hardware manufacturing company, esports and financial services provider.

In a statement, the company acknowledged the server misconfiguration.

"We were made aware by Volodymyr of a server misconfiguration that potentially exposed order details, customer and shipping information. No other sensitive data such as credit card numbers or passwords was exposed," the company said.

"The server misconfiguration has been fixed on September 9, prior to the lapse being made public," the company added.

However, according to Diachenko, the customer records could be used by criminals to launch targeted phishing attacks wherein the scammer poses as Razer or a related company.

"Customers should be on the lookout for phishing attempts sent to their phone or email address. Malicious emails or messages might encourage victims to click on links to fake login pages or download malware onto their device".

Razer customers could be at risk of fraud and targeted phishing attacks perpetrated by criminals who might have accessed the data, the security researcher warned.

  

Top Stories


Leave a Comment

Title: Personal information of over 1 lakh gamers leaked



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.