According to a new report, Razer accidentally exposed personal information of more than 100,000 gamers for a month.
Security researcher Volodymyr Diachenko found that customer data on Razor’s website was made publicly available on August 18 due to server misconfiguration. A sample, pictured below, shows records of orders made at the company’s digital store, revealing personal information, including email and mailing addresses, product types, and phone numbers. Credit card information was not included.
After searching for the misconfiguration online, DiChenko says he reached out to Razor several times in a three-week span before getting an answer. In a statement sent to DiChenko, the gaming hardware manufacturer acknowledged the server misconception and said the data leaks potentially exposed personal information such as full names, phone numbers and shipping addresses to customers. Razor says that “no other sensitive data” such as payment methods were leaked and this fixed the misconception on 9 September. Razor confirmed the issue in an email The ledge And added that customers who have any questions about the leak can reach [email protected]
Even if no sensitive payment information is revealed, personal information, including email addresses, can be used to obtain more information such as passwords for online accounts or payment details for phishing campaigns.
Updated September 14, 1:07 PM ET: Added a statement from Razor The ledge.