SCUF Gaming recently exposed over one million customer records. The database contained the names and information of individuals who had purchased from the gamepad company. This was in addition to other potentially identifying data.

SCUF Gaming International, founded in 2010, is owned by Corsair Components, an American computer hardware company. Corsair specializes in computer accessories, such as flash drives, headsets, keyboards, and wireless drives. In contrast, SCUF Gaming focuses on consoles by providing third-party controllers to PlayStation owners. Customers can customize controllers to suit their preferences, before purchasing from the SCUF Gaming website.

Related: How an Apple Webcam Hack Could Have Put iOS & MacOS s at Risk

Recently, Bitcoin. Once notified, SCUF Gaming quickly investigated the issue and secured the databases, but was unable to confirm the source of the data. However, a Corsair spokesperson told Comparitech that the data was intact and that the database wasn’t exposed long enough for the malicious bot to any information. On April 10, SCUF alerted its customers of the breach, promising that while the breach had occurred, no critical information had been stolen.

Data Exposure Places Customers At Risk

While SCUF Gaming and Corsair reported that no information had been stolen, it’s unknown if the hackers had accessed the data or recorded it by an alternative method. With the records, an outside party could bolster their phishing attempts by posing as SCUF Gaming. It’s irable that SCUF notified the public about the exposure, but they should also take this opportunity to reinforce their online security protocols. While the affected database didn’t hold things like full credit card information and s, the data it did hold included information such as people’s shipping and billing addresses, which could still be used for malicious purposes.

Online stores like SCUF Gaming and Amazon hold people’s data for customer convenience and advertising purposes, among other reasons. Its common for these stores to obscure everything, but the last few digits of a credit card number. Technically, the same could be done for people’s addresses. While access to someone's address isn’t as immediately dangerous as obtaining a credit card number, obscuring them would still add an extra layer of protection, and could go a long way towards keeping customers safe from a future data breach.

 Next: Coronavirus Tracing Vs. Privacy: European Coalition Commits To Both

Source: Comparitech