Thousands Of Razer Customers Order And Shipping Details Exposed On The Web Without Password

By   ISBuzz Team
Writer , Information Security Buzz | Sep 11, 2020 10:15 am PST

Security researchers today revealed that Razer, Inc., a global gaming hardware manufacturing company, e-sports and financial services provider, left thousands of customers’ order and shipping details exposed on the web without password via a misconfigured server. The exposed information includes full name, email, phone number, customer internal ID, order number, order details, billing and shipping address. The exact number of affected customers is yet to be assessed as originally it was part of a large log stored on a company’s Elasticsearch cluster misconfigured for public access since August 18th, 2020 and indexed by public search engines. Based on the number of the emails exposed, researchers estimate the total number of affected customers to be around 100K.