Security researchers today revealed that Razer, Inc., a global gaming hardware manufacturing company, e-sports and financial services provider, left thousands of customers’ order and shipping details exposed on the web without password via a misconfigured server. The exposed information includes full name, email, phone number, customer internal ID, order number, order details, billing and shipping address. The exact number of affected customers is yet to be assessed as originally it was part of a large log stored on a company’s Elasticsearch cluster misconfigured for public access since August 18th, 2020 and indexed by public search engines. Based on the number of the emails exposed, researchers estimate the total number of affected customers to be around 100K.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
