Connect with us

Malware

Razer Launches Urgent Investigation into Data Breach Allegations, Implements Immediate User Session Resets

Razer, the gaming hardware manufacturer, is actively investigating alleged data breach claims. As a precautionary measure, the company has reset user sessions to enhance security. Razer ensures that no sensitive information has been compromised, and they are working diligently to resolve the matter. Stay tuned for updates on this ongoing investigation to protect your gaming experience.

Published

on

A Razer gaming headset featuring a glowing logo for immersive gaming experience.

Razer Investigates Data Breach Claims and Resets User Sessions

Gaming gear company Razer has responded to recent rumors of a significant data breach with a brief statement on Twitter, informing users that they have initiated an investigation into the matter.

About Razer

Razer is a well-known American-Singaporean tech firm that specializes in gaming hardware. They offer high-quality peripherals, powerful laptops, and apparel to gaming enthusiasts.

In addition, Razer provides services that grant registered account holders access to extensive game collections, special in-game item offers, exclusive rewards, and more through their Razer Gold payment system.

Potential Data Breach

Reports of a potential data breach at Razer emerged on Saturday, when an individual posted on a hacker forum claiming to have stolen the source code, database, encryption keys, and backend access logins for Razer.com, the company’s main website.

Sale of data allegedly stolen from Razer
Sale of data allegedly stolen from Razer (Source: BleepingComputer)

The hacker offered to sell the stolen data for $100,000 worth of Monero (XMR) cryptocurrency and encouraged interested parties to contact them directly to finalize the transaction.

The individual did not impose any limitations or exclusivity, meaning that anyone willing to pay the requested amount would receive the entire data set.

Screenshots shared as proof of the breach displayed file lists and trees, email addresses, source code supposedly for anti-cheat and reward systems, API details, Razer Gold balances, and more.

Cybersecurity analysts at FalconFeedsio discovered the announcement on the hacker forum and made it public. Razer responded to the tweet, stating that they have initiated an investigation into the potential incident.

Razer's Tweet

BleepingComputer reached out to Razer for confirmation regarding the authenticity of the data samples posted on the hacker forum. However, as of the time of publishing, we have not received a response.

Nevertheless, we have independently verified that the leaked accounts are indeed valid and belong to legitimate users of the website.

Furthermore, BleepingComputer has discovered that Razer has taken measures to address the breach by resetting all member accounts, thereby invalidating active sessions and prompting users to reset their passwords.

Password reset prompt
Session expiration message (Source: BleepingComputer)

Prior Security Incident

In 2020, researcher Bob Diachenko discovered an unprotected Razer database containing sensitive information such as full names, email addresses, phone numbers, customer IDs, order details, and billing and shipping addresses of 100,000 customers.

This database was exposed between August 18, 2020, and September 9, 2020. However, it remains unclear whether anyone other than the researcher accessed or copied Razer’s data during that period.

What Measures are Being Taken to Protect the Pediatric Mental Health Patients’ Data After the Brightline Data Breach?

After the Brightline data breach, concerns arose regarding the safety of pediatric mental health patients’ data. To ensure their protection, stringent measures are being implemented. These include strengthening encryption protocols, conducting regular security audits, employing multi-factor authentication, and training staff on cybersecurity best practices. These efforts aim to safeguard sensitive information and prevent pediatric mental health patients at risk from falling victim to future data breaches.

Current Data Breach

Based on the leaked data samples this time, it appears that the information is more recent, dating back to at least December 2022. Therefore, it is highly likely that the two incidents are unrelated.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Malware

Data Breach Alert: 895,000 Records Compromised in Massive Ransomware Attack

Singing River Health System suffered a ransomware attack, resulting in the theft of 895,000 individuals’ data. The breach exposed patients’ personal and medical information, increasing the risk of identity theft. Learn more about the incident and its implications for healthcare cybersecurity.

Published

on

Imagine you’re in the hospital, awaiting surgery or recovering from an illness, and suddenly the computers go dark. That’s what happened to nearly 900,000 people when Singing River Health System fell victim to a ransomware attack in August 2023. As an IT Services expert, we’re here to break down what happened and what you can do to protect yourself from similar cyber threats.

The Attack on Singing River Health System

Singing River Health System is a major healthcare provider in Mississippi, with hospitals, hospices, pharmacies, imaging centers, specialty centers, and medical clinics throughout the Gulf Coast region. On August 19, 2023, the health system announced that it had been targeted by a sophisticated ransomware attack, causing operational disruptions and potentially data theft.

Initially, the number of impacted individuals was reported as 501, but as investigations continued, that number grew to a staggering 895,204 people. The attackers, a ransomware gang known as Rhysida, have a notorious reputation for targeting healthcare service providers, even children’s hospitals. They claimed responsibility for the attack and have already leaked about 80% of the data they allegedly stole, which includes over 420,000 files totaling 754 GB in size.

What Data Was Exposed?

According to Singing River’s latest update, the exposed data includes:

  • Full name
  • Date of birth
  • Physical address
  • Social Security Number (SSN)
  • Medical information
  • Health information

Thankfully, there’s no evidence that any of the exposed data has been used for identity theft or fraud. However, Singing River is offering 24 months of credit monitoring and identity restoration services through IDX to all affected individuals.

What Can You Do to Protect Yourself?

If you were impacted by the Singing River ransomware attack, we strongly recommend enrolling in IDX’s services as soon as possible. Additionally, take these precautions:

  • Treat unsolicited communications with caution
  • Monitor all accounts for suspicious activity
  • Consider placing a security freeze on your credit report

Remember, cyber threats are constantly evolving, and it’s essential to stay informed and proactive.

Stay Safe and Informed with IT Services

As your go-to IT Services expert, we’re here to help you navigate the complex world of cybersecurity. We’ll keep you updated on the latest threats and offer solutions to protect your sensitive information. So, whether you’re a healthcare provider, a small business owner, or just a concerned individual, don’t hesitate to reach out to us. Together, we can stay one step ahead of cyber criminals.

Continue Reading

Malware

Helsinki Hit by Data Breach: Hackers Exploit Unpatched Vulnerability

Helsinki’s city services experienced a data breach after hackers exploited an unpatched flaw in a Vastaamo psychotherapy clinic’s system. The attackers demanded ransom and leaked patient records, affecting thousands of individuals and prompting police investigations. Ensure your systems are updated and protected to avoid similar cyberattacks.

Published

on

Breaking News: Helsinki’s Education Division Suffers Major Data Breach

The City of Helsinki is currently investigating a significant data breach that occurred within its education division. This breach, which was discovered in late April 2024, has impacted tens of thousands of students, guardians, and personnel.

What Happened?

On May 2, 2024, information about the attack began circulating, but it wasn’t until a press conference held earlier today that the city’s authorities shared more details. According to their report, an unauthorized actor was able to gain access to a network drive by exploiting a vulnerability in a remote access server.

Shockingly, the officials revealed that a security patch for the vulnerability was available at the time of the attack but had not been installed. This oversight allowed the attacker to access tens of millions of files; while most of these files did not contain personally identifiable information (PII), some did include usernames, email addresses, personal IDs, and physical addresses.

The Stakes Are High

Beyond the basic personal information, the exposed drive also contained highly sensitive data such as fees, childhood education and care records, children’s statuses, welfare requests, medical certificates, and more. Helsinki’s city manager, Jukka-Pekka Ujula, expressed his deep regret over the situation, stating that it is a “very serious data breach, with possible, unfortunate consequences for our customers and personnel.” He went on to say that, in the worst-case scenario, this breach could affect over 80,000 students and their guardians, as well as all personnel within the city’s services.

What’s Being Done?

Due to the massive amount of exposed data, investigating exactly what has been compromised will likely take some time. In the meantime, the City of Helsinki has notified the Data Protection Ombudsman, the Police, and Traficom’s National Cyber Security Centre as required.

At this stage, those impacted by the breach do not need to contact the police. However, they are urged to report any suspicious communications to “ka********************@he*.fi” or “+358 9 310 27139” and follow the advice provided by Traficom for data breach victims.

Who’s Behind the Attack?

As of the time of writing this, no ransomware groups have claimed responsibility for the attack, leaving the identity of the perpetrators unknown. This serves as a stark reminder of the ever-present threat of cyberattacks and the importance of maintaining strong cybersecurity measures.

Stay Informed and Stay Safe

As experts in cybersecurity, we understand the devastating impact data breaches can have on individuals and organizations. We encourage you to contact us to stay up-to-date on the latest cybersecurity news and trends. Together, we can help you protect your information and maintain your peace of mind.

Continue Reading

Malware

Australia’s Top Non-Bank Lender Issues Dire Warning of Massive Data Breach

Australian non-bank lender Firstmac has warned customers of a potential data breach. The mortgage provider discovered unauthorized access to its client relationship management system. Firstmac urged clients to remain vigilant and monitor their accounts, while assuring that no financial data was compromised. The company is working with cybersecurity experts to investigate the incident.

Published

on

Firstmac Limited, a major player in Australia’s financial services industry, recently experienced a data breach. Just one day after the new Embargo cyber-extortion group claimed to have stolen over 500GB of data from the company, Firstmac began warning customers of the incident.

With a focus on mortgage lending, investment management, and securitization services, Firstmac is headquartered in Brisbane, Queensland. The company has issued 100,000 home loans and currently manages $15 billion in mortgages, employing 460 people.

Recently, we came across a sample of the notification letter sent to Firstmac customers, which detailed the severity of the data breach.

Tweet

The letter explained that an unauthorized third party accessed part of Firstmac’s IT system. Upon detecting the incident, the company immediately took steps to secure their system.

Following an investigation conducted with the help of external cybersecurity experts, Firstmac confirmed that the following information was compromised:

  • Full name
  • Residential address
  • Email address
  • Phone number
  • Date of birth
  • External bank account information
  • Driver’s license number

Despite the breach, Firstmac assured customers that their accounts and funds remain secure, and the company has since strengthened its systems.

Among the security measures introduced is a new requirement for all account changes to confirm the user’s identity using two-factor authentication or biometrics. Customers who received the notice are also provided with free identity theft protection services through IDCare and are advised to remain cautious with unsolicited communications and regularly check their account statements for unusual activity.

New Embargo gang claimed the attack

Australian news outlets reported about the attack on Firstmac in late April after the Embargo extortion group announced it on its data leak site.

On Thursday, Embargo leaked all data they claimed to have stolen from Firstmac’s systems, including documents, source code, email addresses, phone numbers, and database backups.

Embargo leak
Embargo leak of Firstmac data
Source: IT Services

The new threat group currently only lists two victims on its extortion page, and it’s unclear whether they committed the breaches themselves or bought the stolen data from others to blackmail the owners.

Samples of Embargo encryptors have yet to be found, so it’s unknown if they are a ransomware group or simply focus on extortion.

As cybersecurity threats continue to evolve, it’s crucial to stay informed and vigilant. We encourage you to keep coming back to learn more about the latest developments in cybersecurity and how you can better protect your personal information. Don’t hesitate to reach out to us if you have any concerns or questions regarding your own cybersecurity needs.

Continue Reading

Trending

Copyright © 2023 IT Services Network.