Razes investigates data breach claims, resets user sessions

Gaming gear company Razer reacted to recent rumors of a massive data breach with a short statement on Twitter, letting users know that they started an investigation into the matter.

Razer is a popular American-Singaporean tech firm focusing on gaming hardware, selling high-quality peripherals, powerful laptops, and apparel.

The company also sells services that give registered account holders access to extensive game collections, special in-game item offers, exclusive rewards, and more through its Razer Gold payment system.

Information about a potential data breach at the company emerged on Saturday, when someone posted on a hacker forum that they had stolen the source code, database, encryption keys, and backend access logins for Razer.com, the company's main website.

Sale of data allegedly stolen from Razer
Sale of data allegedly stolen from Razer (BleepingComputer)

The user offered to sell that data for $100,000 worth of Monero (XMR) cryptocurrency and urged interested individuals to contact him directly to close the deal.

The publisher of the post has not set any limitations or exclusivity, meaning anyone willing to pay the requested amount would get the entire data set.

The screenshots posted as proof of the breach show file lists and trees, email addresses, source code allegedly for anti-cheat and reward systems, API details, Razer Gold balances, and more.

Cybersecurity analysts at FalconFeedsio spotted the announcement on the hacker forum and shared with the public. Replying to the tweet, Razer said that it was looking into the potential incident by starting an investigation.

tweet

BleepingComputer has contacted Razer to ask about the validity of the data samples the posted on the hacker forum but we have not received a response at publishing time.

However, we have been able to confirm that the leaked accounts are valid and belong to legitimate users on the website.

Also, BleepingComputer has found that Razer has reset all member accounts, invalidating their active sessions and requesting them to reset their passwords.

Password reset prompt
Session expiration message (BleepingComputer)

Researcher Bob Diachenko discovered in 2020 an unprotected Razer database containing full names, email addresses, phone numbers, customer IDs, order details, and billing and shipping addresses of 100,000 customers.

The database was exposed between August 18, 2020 and September 9, 2020, but it is unclear if anyone apart from the researcher ever accessed or copied Razer’s data.

From the data samples leaked this time it appears that the information is more recent, dating to at least December 2022, so the two incidents are most likely unrelated.


Update 7/11 - A Razer spokesperson has sent Bleeping Computer the following comment:

We were alerted to a potential hack on July 9, 2023 impacting Razer Gold.

Upon learning about the breach, the team immediately conducted a thorough review of all Razer’s websites and have taken all necessary steps to secure our platforms.

Razer is still in the midst of investigations, and we remain committed to ensuring the digital safety and security of all our customers.

Once investigations have concluded, Razer anticipates that we will report this matter to the relevant authorities. 

Customers who have questions can reach out to DPO@razer.com.

Related Articles:

Infosys McCamish says LockBit stole data of 6 million people

Dairy giant Agropur says data breach exposed customer info

Los Angeles Unified School District investigates data theft claims

PandaBuy pays ransom to hacker only to get extorted again

Australian mining company discloses breach after BianLian leaks data