Razer Gaffe Exposes Customer Data

From infosecurity-magazine.com

The data of around 100,000 Razer customers has been exposed online following a misconfiguration faux pas.

The lapse by the global hardware manufacturing company and eSports and financial services provider was discovered by cybersecurity expert Volodymyr “Bob” Diachenko.

Customer data impacted by the cyber-slipup included full name, email, phone number, customer internal ID, order number, order details, and billing and shipping address.

According to Diachenko, the data was part of a sizable log chunk stored on Razer’s Elasticsearch cluster that had been “misconfigured for public access since August 18, 2020, and indeed by public search engines.” 

The independent cybersecurity consultant and owner of SecurityDiscovery.com said it was unclear precisely how many customers had been affected by the issue.

Read more…