Razer apologises for exposing 100,000 customers' personal data

Server misconfiguration has been fixed, peripherals firm assures no credit card numbers or passwords were exposed

Gaming hardware firm Razer has rectified an error that publicly exposed around 100,000 people's personal information.

The issue was identified by security research Volodymyr Diachenko, who found a Razer-owned Elasticsearch cluster has been misconfigured so that it was both open to public viewing and public search engines could find the data it contained, Ars Technica reports.

Elasticsearch is a tech platform that allows companies to search through their data more effeciently. The Razer cluster contained records of around 100,000 customer's orders.

Potentially available to the public were listings for items purchased, customer email addresses and physical shipping addresses, phone numbers and more.

Diachenko informed Razer, although it reportedly took over three weeks for the issue to be fixed as he was passed back and forth between the company's support representatives.

Razer issued a statement to confirm the issue has been resolved.

"We were made aware by Mr. Volodymyr of a server misconfiguration that potentially exposed order details, customer and shipping information," the company said. "No other sensitive data such as credit card numbers or passwords was exposed.

"The server misconfiguration has been fixed on September 9, prior to the lapse being made public.

"We would like to thank you, sincerely apologise for the lapse and have taken all necessary steps to fix the issue as well as conduct a thorough review of our IT security and systems. We remain committed to ensure the digital safety and security of all our customers."

More stories

Razer closing SF office

Peripheral maker laying off 19 at the end of February as it moves one of its two headquarters to Irvine

By Brendan Sinclair

Razer applies for digital bank licence in Singapore, proposes 'youth bank'

Gaming accessories firm will take 60% stake in company and is leading a consortium of partners to bolster its bid

By James Batchelor

Latest comments

Sign in to contribute

Need an account? Register now.