YouTube Investigators Say MSI Exposed 600K+ Warranty Records Via an Open Server 16
ewhac (Slashdot reader #5,844) writes:
Friday the hardware review site Gamers Nexus filed a YouTube video report alleging some serious claims: that PC component manufacturer MSI left their internal warranty and RMA processing web site accessible to the open Internet, with no authentication. Virtually the entire history of MSI warranty claims going back to at least 2017 were searchable and accessible for the browsing, including customer names, email addresses, phone numbers, and serial numbers of MSI devices.
This event follows closely on the heels of a video report just a few days earlier alleging PC component manufacturer Zotac left their warranty/RMA and B2B records server open to indexing by Google.
Gamers Nexus posted their reports after informing Zotac and MSI of their open servers and verifying they were no longer accessible. However, the data from MSI's server could have been fully scraped at this point, giving scammers a gold mine of data permitting them to impersonate MSI personnel and defraud customers. Anyone who's filed a warranty or RMA claim with MSI in the past seven years should exercise caution when receiving unsolicited emails or phone calls purporting to be from MSI.
This event follows closely on the heels of a video report just a few days earlier alleging PC component manufacturer Zotac left their warranty/RMA and B2B records server open to indexing by Google.
Gamers Nexus posted their reports after informing Zotac and MSI of their open servers and verifying they were no longer accessible. However, the data from MSI's server could have been fully scraped at this point, giving scammers a gold mine of data permitting them to impersonate MSI personnel and defraud customers. Anyone who's filed a warranty or RMA claim with MSI in the past seven years should exercise caution when receiving unsolicited emails or phone calls purporting to be from MSI.
"Virtually the entire history of MSI claims" (Score:3)
"Virtually the entire history of MSI warranty claims going back to at least 2017"
Micro Star (MSI) goes back to 1986, that word "Virtually" is doing a lot of heavy lifting in this sentence
Re: (Score:2)
The actual cost of semantics. (Score:2)
Do semantics matter that much to you?
If the company reporting that exaggeration even one time was labeled as virtually lying every time they write something, yeah. They would certainly see the point when exaggerative bullshit is turned against them.
Claiming a company’s entire customer history going back forever has been stolen, is a hell of a lot worse than what actually happened. They’re also a public company, so perhaps shareholders should sue lying reporters to drive the point home further.
Re: (Score:2)
But hey... just reading summaries someone else wrote is enough I guess.
Re: (Score:2)
Considering the title is right.
Since when does a theft of data from 2017-present for a company damn near 40 years old warrant describing the hack using prepended statements like “virtually the entire history of MSI..”?
Accurate title my ass. It’s shit wordsmithing abused for sensationalism. And facts matter when you’re shit-talking a public company. They would have likely fired their CFO if they reported something like that.
Re: (Score:2)
Is it so hard to parse something? You think it isn't accurate and it's wordsmithing so let me explain where you went wrong:
"Virtually the entire history of " refers to "MSI warranty claims going back to at least 2017", it doesn't refer to "MSI" as an entity since it isn't in possessive form.
The "warranty claims" are what customers filed against MSI and virtually all those "MSI warranty claims" could be accessed by anyone since 2017.
Re: (Score:2)
Is it so hard to parse something? You think it isn't accurate and it's wordsmithing so let me explain where you went wrong:
"Virtually the entire history of " refers to "MSI warranty claims going back to at least 2017", it doesn't refer to "MSI" as an entity since it isn't in possessive form.
Regardless of the grammar semantics, you have done nothing but prove my point in that the “Virtually the entire history of” statement was nothing but exaggerative bullshit and completely unnecessary to describe the situation that actually happened to support factual reporting.
And unfortunately for Facts, clickbait bullshit is literally now valued in society as much as narcissism is. (One can’t argue that the very best of our attention whores on social media are in fact multi-millionaires,
Re: (Score:2)
So how would you describe that virtually the entire history of customers' warranty claims was accessible since 2017?
Complaining about "clickbait bullshit" for a sentence that occurs in the text and not the headline is stretching that definition quite a bit, to borrow your words about such practice: "Itâ(TM)s shit wordsmithing abused for sensationalism."
Semantics turned to shit. (Score:2)
So how would you describe that virtually the entire history of customers' warranty claims was accessible since 2017?
”A system security problem was reported today to MSI, with customer warranty records from 2017 to present being available to anyone with the address online. The company has reported that while this represents a small fraction of private information, they have taken the issue very seriously, correcting the access problem immediately after being notified. It is not yet known whether customer warranty records were actually taken or distributed further, but the ethical hacker did notify MSI of the breac
Who comes up with these headlines? (Score:5, Insightful)
Seriously, YouTube had nothing to do with the investigation, the video is just being posted there.
Now, get off my lawn.
Re:Who comes up with these headlines? (Score:5, Funny)
Re:Who comes up with these headlines? (Score:5, Insightful)
Re: (Score:2)
They are consumer rights driven.
No Sweat. All My MSI Boards Still Run Proper. (Score:2)
Never needed RMA service. My data is safe. I never send in warranty cards.
After the jiffy pop issues of their early boards they have been issue free for me and my customers. ASUS not so much. And we won't even discuss Gigglebytes.
This is about your extended warranty (Score:2)
Orshould I say, your very public extended warranty