Separate data breach incidents have leaked the personal details of 46,000 veterans and over 100,000 customers from Razer, a gaming hardware company.
The Department of Veterans Affairs’ Financial Services Center was recently hacked by way of an online application. The hackers attempted to divert payments for veterans’ medical treatments and also leaked social security numbers and other personal information of over 46,000 veterans.
The Department is currently investigating the data breach and has reached out to affected veterans with directions while also offering free credit monitoring services. They maintain that if someone has not received any alert via email, it’s because their info wasn’t compromised or leaked.
In a separate case, Razer, a gaming hardware company, also suffered a data breach. A misconfigured database was left online with no authentication required to access it, revealing over 100,000 customers’ shipping address, names, emails, order history.
The database was also being indexed by public search engines, meaning, it may have been discoverable with a simple Google search. Weeks after security researchers reached out to Razer, the company has fixed the issue.
In these cases, the information that’s leaked could be used to carry out more targeted attacks. For example, social security numbers could be used for identity theft. In Razer’s case, someone could use an order’s details to reach out to a customer and pretend to be Razer.
Using already known details such as shipping address and what was purchased, a scammer may try to obtain more sensitive details like credit card details in order to carry out a different attack. If you are worried whether your details were exposed in the Razer attack, you can reach out to them via DPO@razer.com
Overall, when it comes to these data breaches, you have to know the risk and ensure you’ve taken any necessary steps to minimize that risk. Because info like passwords weren’t stolen or leaked, you don’t have to reset any account passwords, just be aware that scammers may use some of the leaked information to target you with a different kind of attack.