{"id":31864,"date":"2020-09-14T09:35:52","date_gmt":"2020-09-14T13:35:52","guid":{"rendered":"http:\/\/pappp.net\/?guid=af30cfb89e3e80a93a3c1dbc984cb477"},"modified":"2020-09-14T09:35:52","modified_gmt":"2020-09-14T13:35:52","slug":"private-data-gone-public-razer-leaks-100000-gamers-personal-info","status":"publish","type":"post","link":"https:\/\/pappp.net\/?p=31864","title":{"rendered":"Private data gone public: Razer leaks 100,000+ gamers\u2019 personal info"},"content":{"rendered":"

Source: Ars Technica<\/a><\/p>\n

Article note: We really need a regulatory infrastructure that makes it prohibitively expensive to collect and silo data unless there is an extremely compelling reason. \r\nAlso, there is _no reason_ for a hardware configuration utility to connect to the Internet.<\/div>
\n
\"This

Enlarge<\/a> \/<\/span> This redacted sample record from the leaked Elasticsearch data shows someone's June 24 purchase of a $2,600 gaming laptop. (credit: Volodymyr Dianchenko<\/a>)<\/p> <\/figure>

<\/a><\/div>\n

In August, security researcher Volodymyr Diachenko discovered a misconfigured Elasticsearch cluster, owned by gaming hardware vendor Razer, exposing customers' PII (Personal Identifiable Information).<\/p>\n

The cluster contained records of customer orders and included information such as item purchased, customer email, customer (physical) address, phone number, and so forth—basically, everything you'd expect to see from a credit card transaction, although not the credit card numbers themselves. The Elasticseach cluster was not only exposed to the public, it was indexed by public search engines.<\/p>\n

\n

I must say I really enjoyed my conversations with different reps of @Razer<\/a> support team via email for the last couple of week, but it did not bring us closer to securing the data breach in their systems. pic.twitter.com\/Z6YZ5wvejl<\/a><\/p>\n

— Bob Diachenko (@MayhemDayOne) September 1, 2020<\/a><\/p><\/blockquote>\n

Diachenko reported the misconfigured cluster—which contained roughly 100,000 users' data—to Razer immediately, but the report bounced from support rep to support rep for over three weeks before being fixed.<\/p><\/div>

Read 12 remaining paragraphs<\/a> | Comments<\/a><\/p>

\n<\/a> <\/a> <\/a> <\/a>\n<\/div>","protected":false},"excerpt":{"rendered":"

Enlarge \/ This redacted sample record from the leaked Elasticsearch data shows someone’s June 24 p…<\/p>\n

Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[226],"tags":[],"class_list":["post-31864","post","type-post","status-publish","format-standard","hentry","category-news-2"],"_links":{"self":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/31864","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=31864"}],"version-history":[{"count":0,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/31864\/revisions"}],"wp:attachment":[{"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=31864"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=31864"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=31864"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}