Gaming firm Razer hit by potential breach, hacker offering stolen data for RM466,750 in crypto

By Aqil Hamzah

Razer said that it is aware of the potential breach and is investigating. — The Straits Times/ANN

SINGAPORE: Gaming hardware company Razer has allegedly suffered a data breach, after a seller on a hackers’ forum offered stolen data for US$100,000 (RM466,750 or S$134,898) in cryptocurrency on July 8.

The firm said in a Twitter post on Monday that it is aware of a potential breach and is investigating.

Checks by The Straits Times found that the data being sold included the source code and back-end access logins for Razer’s website and its products.

This included folders labelled zVault – referring to Razer’s digital wallet that was launched in March 2017 and later gave way to Razer Gold in December 2018 – as well as those allegedly containing encryption keys and files pertaining to its reward system.

A sample seen by ST also showed the alleged e-mail addresses of customers with virtual credit in Razer Gold accounts. The seller claimed to have 404,000 accounts, but this could not be verified.

On the hackers’ forum, the seller said he would sell the data to only one customer for an asking price of US$100,000 (RM466,750) in the Monero cryptocurrency.

However, he added that he would be open to offers lower than the stipulated amount.

Unlike other cryptocurrencies such as Bitcoin or Ethereum, in which information on transactions is public due to them taking place on the blockchain, transactions on Monero are private, according to the cryptocurrency’s website.

Users of the cryptocurrency are anonymous by default, and information on transactions are concealed, making it harder to see which wallet sent or received the money.

ST has contacted Razer for more information, including whether customers’ personal information, such as their credit card details, was stolen, and if this data breach was linked to the one the home-grown firm suffered in 2020.

In the earlier breach, the personal and shipping information of about 100,000 Razer customers globally was leaked due to a server misconfiguration.

Razer sued its IT vendor Capgemini for the security breach, after a former employee at the latter firm added a “#” command to a line of code, disabling the security settings of a computer system.

As a result, data stored in the system was leaked to the public between June 18, 2020, and Sept 10, 2020. The High Court awarded Razer US$6.5mil in damages on Dec 9, 2022. – The Straits Times (Singapore)/Asia News Network

×
Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News
Snowcap Compute raises $23 million for superconducting AI chips
Driverless disruption: Tech titans gird for robotaxi wars with new factory and territories
Prosus delays Indian payments firm PayU IPO to enhance business operations
Study: Trust in AI strongest in China, low-income nations
Prosus surpasses annual financial targets with $7.4 billion annual earnings
FBI warns of hidden ‘malicious’ threats lurking in widely used devices
Would you hail a 'robotaxi'? Musk bets cabs will give Tesla a lift after boycotts and sales plunge
Music streaming service Deezer adds AI song tags in fight against fraud
Jony Ive deal removed from OpenAI site over trademark suit
Billions of login credentials have been leaked online, Cybernews researchers say

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.