Backside line: Simply because no delicate data was uncovered doesn’t imply it couldn’t be damaging. Spammers use sources like this on a regular basis to construct up-to-date databases for spam and phishing campaigns.
A misconfigured server lately uncovered private data from what’s estimated to be north of 100,000 Razer prospects.
Unbiased safety researcher Volodymyr “Bob” Diachenko was the primary to report on the matter. Diachenko stated he instantly reached out to Razer’s assist channel however his message by no means discovered the correct individuals inside the corporate. As a substitute, he stated it was processed by non-tech assist managers for greater than three weeks earlier than being resolved.
Uncovered knowledge reportedly included full names, e-mail addresses, cellphone numbers, order numbers and buyer ID numbers in addition to transport and billing addresses. Diachenko stated it was half of a big log chunk saved on an Elasticsearch cluster that had been misconfigured since August 18. Worse but, it was being listed by public serps.
Razer in a press release to Diachenko famous that the misconfigured server was mounted on September 9, including that delicate knowledge equivalent to passwords or fee card numbers weren’t uncovered.
The Verge stated Razer confirmed the problem by way of e-mail, including that anybody with issues may attain out to buyer assist for extra data.
Masthead credit score: Sharaf Maksumov