Personal information gone public: Razer leaks 100,000+ players’ private information

Enlarge / This redacted pattern document from the leaked Elasticsearch information exhibits somebody’s June 24 buy of a $2,600 gaming laptop computer. (credit score: Volodymyr Dianchenko)
In August, safety researcher Volodymyr Diachenko found a misconfigured Elasticsearch cluster, owned by gaming {hardware} vendor Razer, exposing prospects’ PII (Private Identifiable Info).
The cluster contained information of buyer orders and included info akin to merchandise bought, buyer e mail, buyer (bodily) tackle, telephone quantity, and so forth—principally, the whole lot you’d anticipate to see from a bank card transaction, though not the bank card numbers themselves. The Elasticseach cluster was not solely uncovered to the general public, it was listed by public search engines like google.

I need to say I actually loved my conversations with totally different reps of @Razer help group through e mail for the final couple of week, but it surely didn’t carry us nearer to securing the info breach of their programs.
— Bob Diachenko (@MayhemDayOne) September 1, 2020
Diachenko reported the misconfigured cluster—which contained roughly 100,000 customers’ information—to Razer instantly, however the report bounced from help rep to help rep for over three weeks earlier than being mounted.Learn 12 remaining paragraphs | Feedback

Supply hyperlink

Leave a Reply

Your email address will not be published. Required fields are marked *