Gaming firm Razer hit by potential breach, hacker offering stolen data for $135k in crypto

SINGAPORE – Gaming hardware company Razer has allegedly suffered a data breach, after a seller on a hackers’ forum offered stolen data for US$100,000 (S$134,898) in cryptocurrency on Saturday.

The firm said in a Twitter post on Monday that it is aware of a potential breach and is investigating.

Checks by The Straits Times found that the data being sold included the source code and back-end access logins for Razer’s website and its products.

This included folders labelled zVault – referring to Razer’s digital wallet that was launched in March 2017 and later gave way to Razer Gold in December 2018 – as well as those allegedly containing encryption keys and files pertaining to its reward system.

A sample seen by ST also showed the alleged e-mail addresses of customers with virtual credit in Razer Gold accounts. The seller claimed to have 404,000 accounts, but this could not be verified.

On the hackers’ forum, the seller said he would sell the data to only one customer for an asking price of US$100,000 in the Monero cryptocurrency. However, he added that he would be open to offers lower than the stipulated amount.

Unlike other cryptocurrencies such as Bitcoin or Ethereum, in which information on transactions is public as they take place on the blockchain, transactions on Monero are private, according to the cryptocurrency’s website.