Security News > 2024 > May > Cooler Master hit by data breach exposing customer information
Computer hardware manufacturer Cooler Master has suffered a data breach after a threat actor breached the company's website and claimed to steal the Fanzone member information of 500,000 customers.
Yesterday, a threat actor by the alias 'Ghostr' contacted BleepingComputer and claimed to have stolen 103 GB of data from Cooler Master on May 18th, 2024.
"This data breach included cooler master corporate, vendor, sales, warranty, inventory and hr data as well as over 500,000 of their fanzone members personal information, including name, address, date of birth, phone, email + plain unencrypted credit card information containing name, credit card number, expiry and 3 digits cc code," the threat actor told BleepingComputer.
The threat actor said they attempted to contact the company for payment not to leak or sell the data, but Cooler Master did not respond.
BleepingComputer has confirmed with numerous Cooler Master customers in this file that the listed data is correct and that they opened an RMA or support ticket on the date specified in the leaked sample.
While the information in this RMA data is confirmed to be legitimate for the customers who responded to our emails, BleepingComputer was unable to verify the other data.
News URL
Related news
- Dutch Police: ‘State actor’ likely behind recent data breach (source)
- Comcast and Truist Bank customers caught up in FBCS data breach (source)
- Internet Archive hacked, data breach impacts 31 million users (source)
- Internet Archive data breach, defacement, and DDoS: Users’ data compromised (source)
- Fidelity Investments says data breach affects over 77,000 people (source)
- Fidelity Data Breach Exposes Data of Over 77,000 Customers (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Insurance admin Landmark says data breach impacts 800,000 people (source)
- Henry Schein discloses data breach a year after ransomware attack (source)