Scam Warning: MSI Exposes 600,000+ Warranty Records

[nullpc]

TLDW:

• Over 600K RMA records were exposed publicly due to their intranet site being exposed publicly, without auth and for all crawlers to see.
• Proof of purchase links allegedly publicly accessible, not crawlable.
• Records include customer information such as emails, phone numbers, addresses.
• The portal also had functionality to re-send RMA, tracking info, see the RMA form.
• MSI seems to have fixed it now and the site is no longer public.

 

[Futureized]

Every other day a tech giants loopholes, exposes public information

 

[t3chg33k]

It follows the previous one from Zotac, in case that was missed.

 

[Incognitux]

Zotac was also called out for something like this just a few days ago, now MSI; ASUS was also under fire for bad RMA practices and GALAX india also seems to be refusing valid RMAs. Why is all this happening at the same time?

 

[altair21]

That's why you don't cheap out on people who are building out your site/infra and actually listen to them