.
The data contains the source code as well as logins for internal access to Razer’s website and its products. This also includes folders marked zVault related to the Razer digital wallet, created in March 2017 and replaced by Razer Gold in December 2018. Encryption keys and files related to the reward system are also for sale.
The attacker is believed to have the email addresses of each customer with virtual credit in their Razer Gold accounts. The hacker insists that he gained access to over 404,000 accounts, but this has not been confirmed. On a hacker forum, the seller announced that he would sell all data at once, to one buyer for $100,000 in the confidential cryptocurrency Monero. However, the hacker is ready to haggle and is open to offers.
A Razer spokesperson said the company is aware of the situation and is investigating a potential hack. It is not yet known whether the attacker gained access to customers’ credit card data.
Razer already faced a similar security problem in 2020, which exposed the personal information of more than 100,000 customers thanks to improper server configuration. Capgemini IT employee just accidentally disabled a number of security settings. Razer sued Capgemini, and in December 2022, the court awarded the gaming equipment manufacturer $6.5 million in damages.
But Capgemini’s lawyers appealed, arguing that the company should pay only nominal damages because Razer took no action after repeated warnings from a cybersecurity specialist about the hack.
XRM is one of the most preferred coins for hackers. Last year, hackers attacked the Australian telecommunications company Optus, threatening to sell the stolen data unless it paid $1 million in XRM.