The security breach has not affected credit cards or passwords, the company says.
Razer has contacted 3D Games to provide more details on this situation. “A security researcher informed us of a misconfiguration of the server that potentially exposed order details, customer information and shipping,” says the company specializing in gaming peripherals. “No sensitive data such as credit card numbers or passwords was exposed, and this incorrect server configuration was fixed on September 9, “they add.
“We sincerely apologize for what happened and have taken all necessary measures to fix the problem, as well as to conduct a thorough review of our IT systems and security. We remain committed to ensuring the digital security of all our customers “, they conclude in their letter, where they call on customers to contact Razer in case of questions about this situation.
A security breach in the database Razer has exposed the personal data of 100,000 users for about half a month, according to a security report that has subsequently been confirmed by the company itself. Apparently, a configuration failure on one of the servers The company had caused Elasticsearch to index the information, making it possible to query private data publicly.
The error, what dates from August 18, was first detected by Volodymyr Diachenko, a security analyst, who discovered a data set in Elasticsearch with details of nearly 100,000 of the brand’s customers. Data that included your full name, email address, phone number, customer identifier, order number, order details, billing and shipping address. Of course, said leak it has not affected sensitive details such as credit cards or passwords.
Even so, the leakage of data such as names, emails and telephone numbers puts users at risk of phishing attempts and scams. Upon detecting the security flaw, Diachenko reported the issue privately to Razer, who They closed the gap on September 9. And, later, they have published an official statement on the matter: “Mr. Diachenko informed us of a configuration failure in the servers that potentially exposed details of orders, customers and shipments. Other sensitive data such as credit cards or passwords were not exposed ”.
We want to sincerely apologize for the failureRazer“The server crash was fixed on September 9, before this was made public. We sincerely apologize for the failure, we have taken all necessary measures to solve the problem in addition to carrying out a thorough review of our technical security and our systems. We remain committed to ensuring the digital security of all our clients, “the statement concludes.
The fact that the gap has been resolved before being released It is a positive detail, but still, and as a precaution, be aware of possible phishing attempts if you think you have been exposed. Of course, the ruling does not affect those who have bought their products from external stores, where in our last Hunting Bargains we collected several of their discounted products on Amazon.
More about: Razer, Cybersecurity and Peripherals.