Misconfigured Elastisearch Cluster Exposes Razer Customer Data

Misconfigured Elastisearch Cluster Exposes Razer Customer Data

KEY POINTS

  • Around 100,000 Razer customers were affected after a misconfigured Elastisearch cluster 
  • The incident left a huge "log chunk" of Personal Identifiable Information out in the open
  • Bob Diachenko said the information could have been used to carry out phishing attacks

A security researcher discovered that a misconfigured Elastisearch cluster over at Razer has exposed its customers’ important data since August.

As reported by Volodymyr “Bob” Diachenko, Razer misconfigured a huge “log chunk” of its Elastisearch cluster and left a trail of valuable Personal Identifiable Information (PII) out in the open. Diachenko estimated that the incident affected around 100,000 of Razer’s customers.

Following its discovery, Diachenko said in a LinkedIn post that he immediately contacted Razer through their support channel. His efforts, however, fell on deaf ears as his message “never reached” the right people at Razer. For more than three weeks, his attempts were processed by non-technical support managers until the company was able to secure the information from public access.

Razer Razer Phone 2 will look like the original, but it will have RGB lighting on the back. Photo: REUTERS/Bobby Yip


The misconfigured cluster Diachenko discovered contained records of customer info, including purchased items, customer email, physical address and phone numbers, among others. Ars Technica said the cluster was also indexed by public search engines.

In response, Razer issued a public statement, saying that they were made aware of the leak.

“We were made aware by Mr. Volodymyr of a server misconfiguration that potentially exposed order details, customer and shipping information. No other sensitive data such as credit card numbers or passwords were exposed,” said Razer, adding that they have fixed the problem on September 9.