Razer has reportedly confirmed that it suffered a leak that may have exposed the data of some of its customers.
The leak is said to have been noticed around the middle of August. Specifically on August 19. It was discovered by Security Researcher Bob Diachenko, who found that the Razer Store had a database that was not secured properly.
Diachenko then reached out to Razer about the issue. And had a conversation with the company over the span of a few weeks. According to Diachenko, Razer was contacted immediately after the leak was discovered, but it took Razer more than three weeks to fix the problem.
Razer data leak may have exposed various types of information
A data leak is never a good thing if you're a large corporation that handles loads of customer information.
In Razer's case, the leak may have exposed information of up to 100,000 customers. Though Razer does state that as of now the improperly configured data base now been fixed and is secure.
As for the information that may have been exposed, it contained various types. This includes email addresses, shipping address, order details about what was being purchased, and phone numbers.
Basically the data exposed could have included what you were buying from Razer and where it was going. Razer does state as well though that the leak did not expose information such as credit card details or passwords.
Which should be a little bit of peace of mind for anyone who has shopped at Razer's website over the past month. Also worth noting is that just because there was an improperly secured database, it doesn't mean that anyone actually got a hold of that information.
The risks going forward could still be there
As Diachenko notes, customers who have purchased things from Razer should still be on the lookout for potential risks.
Though the data leak didn't contain credit card information or any passwords, that doesn't mean there was no information leaked that could lead to attackers getting a hold of that information.
Customers may want to keep an eye out for emails that claim to be from Razer. And be weary of any emails attempting to gather more information than what may already be out there.
With order details and shipping information having potentially been exposed, it would be easy enough for someone with that information to pose as Razer support and get something more useful. Like credit card information.