It was recently reported that Razer, a Singapore-based gaming hardware company, is investigating a potential data breach after a hacker allegedly offered to sell the firm’s source code, back-end access logins, and customer data for US$100,000 in Monero cryptocurrency. The unverified data claimed for sale is said to include around 404,000 accounts associated with Razer’s digital wallet service, Razer Gold.
On the breach, Satnam Narang, sr. staff research engineer, Tenable, commented “The recent alleged attack on Razer is a stark reminder of the importance of data security, as hackers gain unauthorised access to sensitive data through a variety of means including exploiting vulnerabilities, social engineering including spearphishing, misconfigurations of cloud storage, targeting third parties and supply chain attacks. Organisations of all types are at risk, but firms like Razer, a leading company in its field, are a prime target for cybercriminals.
“Though the investigation into the alleged breach is ongoing, we see that stolen data remains a lucrative business opportunity for all types of attackers. In ransomware, we see the theft of and threat to publish stolen, sensitive data, lead to ransom demands that range in the tens of thousands to the millions.
“In other instances, such as this one, the sellers operate like the stereotypical criminal selling stolen jewelery out of their coat pockets. These cybercriminals seek the best possible deal, but are willing to compromise on price and are focused on expediency, because, even though the stolen data is valuable, possession of such data comes with the likelihood of law enforcement action.”
