Share this article on:
Gaming hardware and peripheral manufacturer Razer is currently looking into a potential data breach after hackers listed stolen data online.
Razer has said it is aware of a breach relating to its Razer Gold digital currency, with hackers having stolen source code, encryption keys and back-end access details for the digital wallet service as well as the company’s website and products.
We have been made aware of a potential breach and are currently investigating.
— R Λ Z Ξ R (@Razer) July 10, 2023
“We were alerted to a potential hack on July 9, 2023 impacting Razer Gold,” Razer said in its statement.
“Upon learning about the breach, the team immediately conducted a thorough review of all Razer’s websites and have taken all necessary steps to secure our platforms.
Razer Gold is a digital wallet and currency for gamers, which promises better value for money on games and in-game content.
A sample seen by Singapore-based publication The Straits Times showed that the stolen data also allegedly include the emails of Razer Gold customers with credit in their accounts.
The hackers claimed to have the details of 404,000 accounts.
Hackers have listed the data with a price tag of US$100,000 (roughly $150,000) in the Monero cryptocurrency and have said that they will only sell to one customer.
Monero is a popular cryptocurrency for hackers as transactions are private, making it harder to track down those who use it for nefarious deals.
In response to the hack, Razer said it had launched an investigation into the breach and how it happened.
“Razer is still in the midst of investigations, and we remain committed to ensuring the digital safety and security of all our customers.
“Once investigations have concluded, Razer anticipates that we will report this matter to the relevant authorities,” it said.
The Razer hack points out a uniquely overlooked aspect of data protection, with the Asia-Pacific head of solutions strategy at Synopsys Software Integrity Group, Phillip Ivancic, saying that the theft of source code can lead to further breaches in the future.
“The fact that early reports indicate that Razer’s attacker obtained their source code highlights a hugely important but often overlooked area of concern: the need for companies to pay special attention to their software development environments where source code is maintained,” said Ivancic.
Ivancic went on to say that there are two key reasons that source code should be a top priority when securing a company’s data. The first is the obvious theft of intellectual property, which can have massive commercial consequences.
On top of this, he said that “source code can be analysed offline to understand vulnerabilities and plan further attacks”.
“By having direct access to the source code, an attacker can get an intimate understanding of any underlying vulnerabilities, therefore, providing them with the information they need to create malicious attacks that exploit those software vulnerabilities,” Ivancic said.