Edition Bleeping computer, referring to the famous information security expert Bob Dyachenko, warned that Razer recently left the database of its online store unprotected. Due to this oversight of the gaming device manufacturer, the data of approximately 100,000 people who bought products from the company's online store could fall into the hands of outsiders.
Dyachenko discovered an unsecured Razer base available to anyone on August 19, 2020. As you can see in the screenshot below, the database contained the customer's name, email address, phone number, order numbers, order details, and billing and shipping addresses.
The researcher says that for several weeks he could not get in touch with the company, and only on September 9, 2020 Razer employees nevertheless paid attention to the problem and secured the problematic database. At the same time, in the end, the company emphasized that the leakage did not affect the bank card numbers of users and their passwords.
I must say I really enjoyed my conversations with different reps of @Razer support team via email for the last couple of week, but it did not bring us closer to securing the data breach in their systems. pic.twitter.com/Z6YZ5wvejl
– Bob Diachenko (@MayhemDayOne) September 1, 2020
Dyachenko and Bleeping Computer experts note that even without passwords and payment data, attackers can use leaked information about users in phishing attacks to collect more confidential information (including financial data).