RestorePrivacy

Your online privacy resource center

General

Home

News

About

Contact

Privacy Tools

Newsletter

Coming soon.

No spam, ever.

Razer Investigating Data Leak After Files Appear on Hacker Forum

By Leave a Comment
Razer Investigating Data Leak After Files Appear on Hacker Forum

The American gaming-focused consumer electronics maker Razer (RAZER) has responded to the rumors about a data breach, saying that it is investigating.

The allegations about a data breach on Razer belong to a threat actor who posted on ‘BreachForums’ during the weekend, saying that he is willing to sell a rich dataset containing valuable assets of the company.

“We have been made aware of a potential breach and are currently investigating,” reads Razer’s tweet that responds to threat intelligence platform FalconFeedsio, which was the first to spot the sale.

The threat actor claims to have stolen source code, encryption keys, database dumps, backend access credentials for razer.com and subbrands, and more.

The asking price for the above is $100,000 in Monero (XMR), a hard-to-trace cryptocurrency that many threat actors prefer over more mainstream options such as Bitcoin or Ether.

The seller, a newly registered user in the hacker forum, has also posted several screenshots showing the directory tree of the accessed files, credential pairs, and other file content.

Sale of data allegedly stolen from Razer
(RestorePrivacy)
Sale of data allegedly stolen from Razer
(RestorePrivacy)

The stolen database allegedly contains over 400 thousand lines, so it’s implausible that the listed emails pertain solely to Razer’s employees, making it more likely that customer information is included in it too.

RestorePrivacy has requested Razer to clarify if the screenshots posted by the cybercriminal show what appears as authentic data, but we have not received a response yet.

Razer’s 2020 Lapse

In September 2020, unprotected database “hunter” Volodymyr Diachenko discovered a database belonging to Razer, which was misconfigured to allow unauthenticated access to anyone with a valid URL since at least mid-August 2020.

That database contained the full names, email addresses, phone numbers, customer ID, order details, billing details, and shipping addresses of 100,000 customers of the gaming company.

Although in the 2020 case it was never proved that anyone besides Diachenko had accessed the data, the more recent incident clearly involves at least one cybercriminal, and the number of those having access to the data may grow exponentially very soon.

Regarding the potential links between the two incidents, the data samples posted by the forum user date to as recently as December 2022, so we can assume that this concerns a new security lapse.

Related Articles:

Avatar photo

About Heinrich Long

Heinrich is an associate editor for RestorePrivacy and veteran expert in the digital privacy field. He was born in a small town in the Midwest (USA) before setting sail for offshore destinations. Although he long chafed at the global loss of online privacy, after Edward Snowden’s revelations in 2013, Heinrich realized it was time to join the good fight for digital privacy rights. Heinrich enjoys traveling the world, while also keeping his location and digital tracks covered.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *