Private data gone public: Razer leaks 100,000+ gamers’ personal info

erek

erek

[H]F Junkie
Joined
Dec 19, 2005
Messages
10,868
"As a consumer, there is unfortunately little you can do about companies losing control of your data once they have it. Instead, you should focus on minimizing how much of your data companies have in the first place— for example, no one company should have a password that can be used with your name or email address to log in to an account at another company. You might also strongly consider whether you really need to create new, cloud-based accounts containing personally identifiable information in the first place.

Finally, be aware of how phishing and social engineering attacks work and how to guard against them. Avoid clicking links in email, particularly links that demand that you log in. Be aware of where those links go—most email clients, whether programs or Web-based, will allow you to see where a URL goes by hovering over it without clicking. Similarly, keep an eye on the address bar in your browser—a login page to MyFictitiousBank, however legitimate-seeming, is bad news if the URL in the address bar is DougsDogWashing.biz."

https://arstechnica.com/information...ta-leaked-due-to-misconfigured-elasticsearch/
 
The answer there is to stop using Razor products, they have demonstrated they are incapable of handling something as simple as data records appropriately, why should I think them capable of secure drivers, or stable hardware.

Edited for Grammar
 
Last edited:
Yeah and this is the company that's pushed for users to have to login online to access certain driver features. I did see in the article that they've loosened that and allowed an offline "guest mode" but they're still pushing for people to login.

On slightly related note I need to look into what Nvidia is doing in that regard right now before I seriously consider the 3000 series.
 
Wasn't there a AIO cpu cooler a few years ago that has software requiring a internet connection?
 
Ebernanut said:
Yeah and this is the company that's pushed for users to have to login online to access certain driver features. I did see in the article that they've loosened that and allowed an offline "guest mode" but they're still pushing for people to login.

On slightly related note I need to look into what Nvidia is doing in that regard right now before I seriously consider the 3000 series.
Click to expand...

as of a couple of weeks ago anyway, geforce experience still required a login to use. Fortunately it’s quite easy to download drivers direct from their website, so no major issues there, though I am not clear how many value add and nVidia services depend on GeForce experience rather than the hardware driver and therefore unavailable without cloud authentication.
 
FLECOM said:
ya I bought a razer product a while back, think it was a keyboard? needed a giant download and an account to use it, returned it to best buy the next day
Click to expand...
The only reason I got my razer mouse is because it doesn’t require any special drivers unless you want to play around with the lighting. Even then, it doesn’t need an account. If it ever does, it’s going straight in the trash.
 
This constantly happens because there is no real punishment for the companies when their data is mishandled (hacked, leaked, misconfigured systems, etc.). The only way these companies will put any effort into security is if there are STEEP fines.
 
Bankie said:
This constantly happens because there is no real punishment for the companies when their data is mishandled (hacked, leaked, misconfigured systems, etc.). The only way these companies will put any effort into security is if there are STEEP fines.
Click to expand...

Or you know, we could just stop requiring a million accounts with personal data for downloading and using a driver. Why the fuck is a driver a portal for collecting data now.
Not. Everything. Needs. To. Be. Cloud.
 
schoolslave said:
Or you know, we could just stop requiring a million accounts with personal data for downloading and using a driver. Why the fuck is a driver a portal for collecting data now.
Not. Everything. Needs. To. Be. Cloud.
Click to expand...

While true you're not going to get these corporations to stop when they're making money off of it. The only way to get them to stop is to fine them enough for losing the data that it's too risky for them to even attempt.
 
FLECOM said:
ya I bought a razer product a while back, think it was a keyboard? needed a giant download and an account to use it, returned it to best buy the next day
Click to expand...

This, bought a keyboard, and only way to customize the RGB was with an account. Back it went.
 
sphinx99 said:
as of a couple of weeks ago anyway, geforce experience still required a login to use. Fortunately it’s quite easy to download drivers direct from their website, so no major issues there, though I am not clear how many value add and nVidia services depend on GeForce experience rather than the hardware driver and therefore unavailable without cloud authentication.
Click to expand...

I don't think it's nearly as bad with nvidia, although still annoying.

I think the biggest feature in Geforce experience is the gameplay recording stuff like "instant replay" where you push a button save the last 5 minutes to video, it integrates with games to automatically record highlights, and you can also just plain record and stream games.
You of course can still use all that recording hardware with other software like OBS without needing an nvidia login.

I haven't seen any features it has that actually benefit from logging in. And it's annoying when I go in to tweak some recording settings and get prompted to log in. Maybe there is something there that makes sense for a login, but they could just disable that specific feature until you log in.
 
Honestly I don't care anymore. Companies don't care. Government don't care. Only people that benefit are the lawyers that get millions off the class action lawsuits while we get $10 and maybe a year of identity theft protections. All we can do is just watch the world burn and hope you don't live long enough that it reaches your front door.
 
Companies collect Metadata to resell and turn you into profit for them. That isn't a fancy future cyberpunk dystopian future. That is today and has been for quite some time. This article even says it. The problem that Razer had is that they GAVE YOUR DATA AWAY. Not that it got out there... no... they don't care about that. It was given to someone that had the temerity to NOT pay for it! So the real crime according to Razer is that your data left their control without being sold. Because in that software agreement you (and everyone really) blindly clicked through it allowed them to 'share' (sell) your data to their business partners without your futher consent. BUT someone used the portal they set up to SELL your data and managed to STEAL it without a contract saying they could have it.

So really... what has happened here is your data fell into the criminals hands from Razer.. via the portal they have set up to SELL your data to any purchased business partner arrangement.

IMAGINE all of the unreported distribution of your data that happens and is subsequently lost by metadata aggregators.
 
vegeta535 said:
Honestly I don't care anymore. Companies don't care. Government don't care. Only people that benefit are the lawyers that get millions off the class action lawsuits while we get $10 and maybe a year of identity theft protections. All we can do is just watch the world burn and hope you don't live long enough that it reaches your front door.
Click to expand...

same boat, about the only thing i care about is credit card numbers getting leaked so i can cancel/change numbers, everything else is pretty much public data at this point.
 
I think companies allow this to happen in order to pilot their credit monitoring service.
 
Deleted my Razer account. I don't need my mouse settings stored anywhere but my computer. Thanks.
 
Ebernanut said:
Yeah and this is the company that's pushed for users to have to login online to access certain driver features. I did see in the article that they've loosened that and allowed an offline "guest mode" but they're still pushing for people to login.

On slightly related note I need to look into what Nvidia is doing in that regard right now before I seriously consider the 3000 series.
Click to expand...
To be fair, this was a thing before the data breach. I have a razer mouse and keyboard, but don't have synapse (or w/e they are calling it) installed. I did purchse directly from them at one point, so I don't doubt if I was in there... I'll just add that to the list of companies and government entities that have exposed my PII at this. Maybe I can sign up for even more identity theft protection, yay. I agree with the above though, laways rake in millions, the people effected get pennies, the government doesn't give 2 craps, and the company gets a slap on the wrist. This wasn't even a "breach", they just exposed all the data straight out there, lol.
 
You must log in or register to reply here.
Back
Top