Razer accidentally leaked the personal data of more than 100,000 gamers for nearly a month, according to a new report.
Volodymyr Diachenko, a security researcher, discovered that customer data on Razer’s website has been publicly available since August 18th because of a server misconfiguration. The leak exposed email and mailing addresses, types of product orders and phone numbers.
Diachenko says he reached out to Razer a few times over three weeks after finding the misconfiguration online. The company spoke to Dianchenko via a statement saying that the data exposed personal information like full names, phone numbers and shipping data, but no other sensitive data was shared.
Razer then confirmed the issues to The Verge, and said that customers with any questions about the leak should reach out to ‘DPO@razer.com.’ Razer also says the server misconfiguration was fixed on September 9th.
Unfortunately, the leaked personal information could potentially be used in phishing attacks in order to get further details about passwords for online accounts, payment details and more.
Source: The Verge