Gaming hardware company Razer has suffered a leak that potentially exposed the personal information of more than 100,000 customers who are registered in the Razer system.
The leak looks like it was the result of a faulty Elasticsearch database that exposed customers’ emails, addresses, and phone numbers, but not their passwords, according to Ars Technica.
I must say I really enjoyed my conversations with different reps of @Razer support team via email for the last couple of week, but it did not bring us closer to securing the data breach in their systems. pic.twitter.com/Z6YZ5wvejl
— Bob Diachenko (@MayhemDayOne) September 1, 2020
Security researcher Volodymyr Diachenko identified the leaky cluster back in August, but according to his reports, Razer was less than coordinated in its response.
The current Elasticsearch leak was also reportedly accessible via public search engines. According to Ars Technica, Razer has experienced leaky cloud functionalities several times in the past.
Razer has not yet responded to a request for comment. The company asks customers to sign in to the cloud to use Synapse, its program to control all of a user’s hardware.
- Data leak exposes personal info of more than 3,000 Ring users
- E3 leaks personal information of thousands of journalists
- A popular virtual keyboard leaked the personal data of 31 million users
- ‘Cloudbleed’ bug may have leaked your personal data all over the internet
- Spotify user? Your account information may have been compromised