Razer investigating Razer Gold data breach

Gaming hardware company Razer is investigating what it calls a “potential data breach” related to its Razer Gold digital currency, the company confirmed to Polygon on Monday. The monetary device is used in multiple video games. Razer began investigating the leak after a hacker attempted to sell the data for $100,000. according to a tweet from the Razer Twitter account.

Razer originally responded to a tweet from a cybersecurity firm on Monday Falcon feed who claimed that a hacker is trying to sell a collection of data from Razer, including the source code and encryption keys. The data breach has not been confirmed by Razer, but a spokesperson told Polygon that the company has “taken all necessary steps to [its] platforms” after being alerted to the threat on Sunday. The hacker, calling himself “Nationalist,” is asking for $100,000 in a cryptocurrency called Monero, which Falcon Feeds says enables untraceable transactions.

Razer Gold is a digital wallet service that contains “credits” that can be spent in video games, such as clash of clans, Genshin effect, or for example in the Nintendo eShop. When you use Razer Gold, you earn rewards called Razer Silver. Those Razer Silver Reward Points can be used to purchase Razer products or get discounts. It’s unclear what part of Razer Gold is affected, whether that’s the website or the wallet itself.

Here’s Razer’s full statement:

We were alerted on July 9, 2023 to a possible hack affecting Razer Gold. Upon learning of the breach, the team immediately conducted a thorough investigation of all Razer websites and took all necessary steps to secure our platforms. Razer is still in the midst of its investigation and we remain committed to ensuring the digital safety and security of all our customers. Once the investigation is complete, Razer expects us to report this matter to the relevant authorities.

This would be the second major breach for Razer in the past few years after an incident in 2020 involving Razer accidentally leaked personal data of more than 100,000 customers. It blamed IT company Capgemini for that breach, and was awarded $6.5 million in damages in a Singapore court. Capgemini appealed the decision Monday, the same day Razer’s new breach was publicly announced.