Reaction score
The database contained various information, including full names, email addresses, internal customer IDs, and order data.

American gaming peripherals manufacturer Razer inadvertently disclosed private information of thousands of its customers. The leak was reported by information security expert Bob Dyachenko, who discovered an incorrectly configured Elasticsearch cloud cluster that allowed access from the Internet to a segment of the Razer infrastructure.

The database contained a variety of information that could be of interest to attackers, including full names, email addresses, phone numbers, internal customer IDs, and order data (order number, billing address, and shipping address). According to Dyachenko, the incident affected approximately 100 thousand clients of the company. Razer acknowledged the leak, but emphasized that important data such as credit card numbers and passwords were not affected.

As the expert explained, he discovered the database on August 18 of this year and the next day contacted the company through the support service, however, due to the disorganization of the process, access to the database was closed only three weeks later.

It is currently unclear whether the database fell into the hands of attackers, but the information stored in it could be used for phishing attacks and social engineering. In this regard, Dyachenko recommends that Razer customers be attentive to messages received by phone and email, especially those that offer to follow a link to any resources.