Gaming hardware company Razer has suffered a leak that potentially exposed the personal information of more than 100,000 customers who are registered in the Razer system.
The leak looks like it was the result of a faulty Elasticsearch database that exposed customers’ emails, addresses, and phone numbers, but not their passwords, according to Ars Technica.
I must say I really enjoyed my conversations with different reps of @Razer support team via email for the last couple of week, but it did not bring us closer to securing the data breach in their systems. pic.twitter.com/Z6YZ5wvejl
— Bob Diachenko (@MayhemDayOne) September 1, 2020
Security researcher Volodymyr Diachenko identified the leaky cluster back in August, but according to his reports, Razer was less than coordinated in its response.
The current Elasticsearch leak was also reportedly accessible via public search engines. According to Ars Technica, Razer has experienced leaky cloud functionalities several times in the past.
Razer has not yet responded to a request for comment. The company asks customers to sign in to the cloud to use Synapse, its program to control all of a user’s hardware.