Cooler Master breached, members exposed

Cooler Master, a popular computer hardware maker, has allegedly suffered from a data breach, exposing the company’s corporate data as well as the personal details of members from its fan-based members program. Cooler Master confirmed the company was breached.

The attackers claim to have stolen 103GB of data from the company’s servers on May 18th. According to the attacks’ perpetrators, the allegedly stolen information carries a trove of sensitive data, including Cooler Master’s Fanzone members’ payment card details.

The company confirmed that the breach indeed took place. Cooler Master claims it experienced the attack on May 19th.

“Cooler Master experienced a data breach involving unauthorized access to customer data. We immediately alerted the authorities, who are actively investigating the breach. Additionally, we have engaged top security experts to address the breach and implement new measures to prevent future incidents,” the company said.

Cooler Master said it will notify impacted customers directly and advise them on what steps should they take to mitigate the impact.

The hacker behind the attacks provided a data sample, including details on around one thousand users. The Cybernews research team has reviewed the sample and concluded that it appears to be legitimate. However, the data sample did not contain Fanzone members' payment card details.

The sample included information on Cooler Master products, some employee email addresses as well as some of the Fanzone members’ email addresses. Fanzone is Cooler Master’s loyalty program, providing clients with members-only events, special promotions, and various rewards.

Meanwhile, the attackers claim to have obtained Fanzone member’s names, addresses, dates of birth, phone numbers, email addresses, and unencrypted credit card information such as credit card numbers, CC codes, and expiration dates. If confirmed, the breach could severely endanger Cooler Master users’ privacy and finances.

The cybercriminals behind the attack, going by the moniker Ghostr, say the breach also netted company data, including vendor, sales, warranty, inventory, and human resources-related documents.

Launched in 1992, Taiwan-based Cooler Master has established its name among tech and computer enthusiasts across the globe. The company operates branches in Asia, Europe, and the Americas.

Updated on May 30th [12:15 p.m. GMT] with a statement from Cooler Master.