Cooler Master hit by mega data breach — PC equipment maker sees customer info stolen

(Image credit: Milan_Jovic)

A hacker claims to have breached the servers of Cooler Master and stolen gigabytes of sensitive corporate and customer information, including payment data.

A threat actor calling themselves “Ghostr” reached out to TechRadar Pro, saying they breached the computer hardware maker, providing a small sample of the stolen data as confirmation.

Cooler Master is a well-known technology company specializing in the manufacturing of computer hardware and peripherals. It was founded in 1992 in Taipei, Taiwan, and has made a name for itself building computer cases, power suppliers, and most notably - different types of coolers.

No word from Cooler Master yet

In the email, Ghostr says the hack took place on May 18 2024, and that they stole more than 103GB of company databases.

“This data breach included Cooler Master corporate, vendor, sales, warranty, inventory and HR data as well as over 500,000 of their Fanzone members personal information, including name, address, date of birth, phone, email + plain unencrypted credit card information containing name, credit card number, expiry, and 3 digits CC code,” the hackers said.

Fanzone is a dedicated website where users can register their gear’s warranty, submit return merchandise authorization requests, reach out to customer support, and more. 

So far, Cooler Master has not responded to the claims. The company’s website and social media channels made no mention of the claims, and we have reached out via email asking for additional information. We will update the article should we hear from the company any time soon.

Whether or not Ghostr’s claims are legitimate remains to be seen. BleepingComputer has analyzed a sample of the leaked data and confirmed its authenticity. However, there is no evidence that any payment information was stolen, so when it comes to the legitimacy of Ghostr’s claims, the jury is still out. 

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.