In the wake of a significant data breach at Razer, a leading gaming hardware and software company, customers are left grappling with concerns over the security of their personal information and the potential for targeted cyber attacks.
The hacker responsible for the breach has stolen source code and back-end login details from Razer. The compromised data includes folders associated with Razer’s digital wallet, known as ‘zVault,’ as well as encryption keys for its rewards system. The hacker has also claimed to have accessed over 400,000 Razer Gold accounts, raising concerns about the security of customer information.
In a ransom demand, the hacker is demanding a payment of $100,000 in the form of the cryptocurrency Monero. Razer is currently investigating the incident, but it has not yet confirmed whether customers’ credit card information was compromised during the breach.
A similar, breach follows a security incident that occurred in 2020, where Razer experienced a data breach due to a server misconfiguration caused by an employee at the IT firm Capgemini. Over 100,000 Razer customers’ personal information, including names, email addresses, phone numbers, order details, and billing and shipping addresses, were exposed as a result.
In light of this breach, a cybersecurity expert has cautioned Razer customers to remain vigilant against potential phishing attacks. The compromised data from the 2020 incident could be exploited to launch targeted email or telephone scams. Customers must exercise caution and verify the authenticity of any communication they receive from Razer or related parties. Razer swiftly resolved the issues following the 2020 breach but subsequently filed a lawsuit against Capgemini, seeking $6.5 million in damages. The outcome of the lawsuit is yet to be determined.
Recently on July 5, two seventeen-year-old teenagers from Hamilton, Canada, have been arrested and charged with theft and possession of criminally obtained property. They were involved in a fraudulent scheme where they impersonated Coinbase customer support to deceive a US investor.
This type of targeted attack is known as spear-phishing, where perpetrators pose as a trustworthy entity to extract sensitive information and exploit it for financial gain. A cybersecurity expert has warned Razer customers that this information could be used for targeted phishing attacks and advised customers to be cautious of potential email or telephone scams.