Gaming Hardware Giant At Risk Of Breach


Gaming hardware behemoth Razer remains under the cybersecurity spotlight again, with allegations of a new Razer cyber attack looming large.

An unknown individual under the alias ‘Nationalist’ on a dark web forum claims to have obtained crucial data as a result of the suspected Razer cyber attack.

This data reportedly includes source code, database, encryption keys, and back-end access logins linked to Razer.com and its products. The seller is demanding $100,000 in Monero (XMR) for the entire dataset.

The authenticity of the alleged Razer cyber attack is yet to be confirmed.

With its headquarters in Singapore and the United States, Razer responded to the claims swiftly to a tweet by Falcon Feeds SIO. “We have been made aware of a potential breach and are currently investigating,” the company stated on Twitter.

Gaming Hardware Giant At Risk Of Breach
Razer Cyber Attack
This data reportedly includes source code, database, encryption keys, and back-end access logins linked to Razer.com and its products.

This statement corroborates suspicions about a new Razer cyber attack, though further investigations are necessary.

A Familiar Terrain? Razer’s History with Data Breach

This isn’t Razer’s first encounter with a cyber-security lapse.

In August 2020, gaming hardware titan Razer left the personal information of over 100,000 gamers exposed for nearly a month, a report reveals. The information was made publicly available due to a server misconfiguration, discovered by security researcher Volodymyr Diachenko.

Data, including email and mailing addresses, phone numbers, and the details of products ordered from Razer’s digital store, were left unprotected. Fortunately, no credit card information was included in this breach of the Razer cyber attack.

Despite the absence of credit card data, the exposed personal information could be used in phishing campaigns. Cybercriminals often use such data to craft convincing emails, texts, or even phone calls, tricking individuals into providing further sensitive data, such as passwords for online accounts or credit card details.

This highlights the severity of the Razer cyber attack, emphasizing the necessity for thorough data security measures.

Following the discovery of the server misconfiguration, Diachenko claimed he contacted Razer multiple times over a three-week period before receiving a response.

Razer confirmed the misconfiguration in a statement and acknowledged the potential exposure of personal information, including full names, phone numbers, and shipping addresses.

The company reassured that no other sensitive data, such as payment methods, were leaked, and the misconfiguration was fixed on September 9, 2020.

Razer’s Legal Battle with Capgemini Following the Cyber Attack

The fallout of the Razer cyber attack had legal implications. Following the breach, Razer launched a legal battle against Capgemini, a French multinational IT services company. Razer held Capgemini responsible for the server misconfiguration that led to the data leak.

The legal battle ended favorably for Razer, with the High Court awarding the company $6.5 million in damages. This included the recovery of loss of profits from Razer’s e-commerce platform and the costs Razer incurred in investigating the incident and dealing with regulators.

Unverified Claims and The Shadow of a New Razer Cyber Attack

The authenticity of the alleged Razer cyber attack is yet to be confirmed.

It’s unclear whether the data being peddled on the dark web is from the 2020 Razer cyber attack or if it’s indeed a new, separate breach.

Cybersecurity outlets, including The Cyber Express, are actively seeking a response from Razer for more clarity on this issue. As of now, the company has not provided detailed insights.

If substantiated, the claims of another Razer cyber attack could tarnish Razer’s cybersecurity track record and impact its business operations significantly.

As an industry leader in gaming hardware, a new data breach would raise serious questions about Razer’s data security infrastructure and customer data protection measures.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.





Source link