iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
A threat actor has claimed to have breached the website of major computer hardware manufacturer Cooler Master, exfiltrating the data of over 500,000 people.
The hacker, who goes by the name “GHOSTR” reached out to technology and security publication BleepingComputer, claiming to have breached one of Cooler Master’s websites and exfiltrated over 103 gigabytes of data.
Cooler Master is best known for its manufacturer of PC cases, gaming chairs, fans and cooling systems and more.
As seen by Cyber Daily, GHOSTR listed Cooler Master on infamous hacking forum BreachForums, claiming to have accessed the company’s networks on 18 May this year.
“This data breach includes Cooler Master corporate, vendor, sales, warranty, inventory and HR data as well as over 500,000 of their fanzone members personal information, including name, address, date of birth, phone, email + plain unencrypted credit card information, including name, credit card number, expiry date and 3 digits CC code,” said GHOSTR in the post.
According to GHOSTR speaking with BleepingComputer, the threat actor exfiltrated a database from Cooler Master’s Fanzone website, which is used for contacting support, registering product warranty, requesting return merchandise authorisation and news updates.
The database was accessed after GHOSTR breached a public-facing website, which allowed for several different databases to be accessed and downloaded.
Accompanying the listing is a list of links to sample CSV data, which was inaccessible by Cyber Daily at the time of writing, but BleepingComputer said the links contain a variety of data types, affecting employees, customers, and vendors and containing product informayion.
The publication found that one file contained over 1,000 records of what seem to be customer support tickets and return merchandise authorisation requests, containing names, emails, birthdays, IP addresses, phone numbers, and physical addresses.
The data also appears to be legitimate, with BleepingComputer saying it confirmed with customers who opened support tickets. Evidence that credit card information was compromised was not found.
GHOSTR also said Cooler Master was contacted with ransom demands but that it did not respond. It now says it will sell the data at a price to be decided at a later date.
Cyber Daily has reached out to Cooler Master for comment.
Be the first to hear the latest developments in the cyber industry.
