Razer data leak – Experts Reaction

Researcher Bob Diachenko reports gaming hardware giant, Razer Inc. recently experienced an incident exposing customer emails, phones, shipping and billing addresses and more online. Cybersecurity expert reacted below.


EXPERTS COMMENTS
Chloé Messdaghi, VP of Strategy,  Point3 Security
September 15, 2020
Every company should have a vulnerability disclosure and/or bug bounty program.
It’s obvious that some three weeks passed between the time a hacker came across the misconfigured database that revealed user PII, and the time it got fixed. It’s likely that when the researcher contacted Razer with the info on the data leak, that red flag may have been passed around internally before landing in the lap of someone who knew who to give the red flag to. Three weeks is a long ti ....
[Read More >>]
Saryu Nayyar, CEO,  Gurucul
September 15, 2020
A skilled social engineer can pull even small pieces into a picture they can use against their target.
The breach of Razer's database doesn't appear to have revealed any vital user information and they remediated the issue fairly quickly, but even non-vital information can be of value to an attacker. Knowing what a user purchased, and when, can be all a clever attacker needs to formulate a convincing phishing or social engineering attack. While some data points are "more sensitive" than others, a ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article