According to a media release, Razer had accidentally leaked personal data of over 100,000 customers for close to a month.
The breach was discovered by a cybersecurity consultant who had shared his finding on Linkedin. It is believed that the breach was caused due to a server misconfiguration since 18 Aug 2020. Customers details such as addresses and emails were publicly exposed.
After his discovery, the consultant immediately contacted the company but he did not get a respond from Razer until 3 weeks later. Razer has acknowledged the breach who “potentially” exposed shipping details of their client but added that the issue has been fixed on the 09 Sep 2020.
Razer has also assured that no “Sensitive information” such as credit card information or payment method was exposed.
The consultant then warns the members of the public that these customers records could be used by criminals to launch targeted phishing attacks. Therefore, Razer customers are advised to look out for any phishing emails which might be sent by scammers posing as Razer.