{ "id": "92712f62-9bcb-482b-b7c9-368fd1224104", "created_at": "2026-04-06T00:16:50.405192Z", "updated_at": "2026-04-10T13:11:29.618576Z", "deleted_at": null, "sha1_hash": "a57f9e6404a14fdd6a23e831090cc7d5c0bb309c", "title": "Cooler Master confirms customer info stolen in data breach", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 643586, "plain_text": "Cooler Master confirms customer info stolen in data breach\r\nBy Lawrence Abrams\r\nPublished: 2024-05-30 · Archived: 2026-04-05 18:40:18 UTC\r\nComputer hardware manufacturer Cooler Master has confirmed that it suffered a data breach on May 19, allowing a threat\r\nactor to steal customer data.\r\nCooler Master is a popular computer hardware manufacturer known for their cooling devices, computer cases, power\r\nsupplies, and other peripherals.\r\nBleepingComputer reported yesterday that a threat actor known as 'Ghostr' told us they hacked the company's Fanzone\r\nwebsite on May 18 and downloaded its linked databases.\r\nhttps://www.bleepingcomputer.com/news/security/cooler-master-confirms-customer-info-stolen-in-data-breach/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/cooler-master-confirms-customer-info-stolen-in-data-breach/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nCooler Master's Fanzone site is used to register a product's warranty, request an RMA, or open support tickets, requiring\r\ncustomers to fill in personal data, such as names, email addresses, addresses, phone numbers, birth dates, and physical\r\naddresses.\r\nGhostr said they were able to download 103 GB of data during the Fanzone breach, including the customer information of\r\nover 500,000 customers.\r\nThe threat actor also shared data samples, allowing BleepingComputer to confirm with numerous customers listed in the\r\nbreach that their data was accurate and that they recently requested support or an RMA from Cooler Master.\r\nOther data in the samples included product information, employee information, and information regarding emails with\r\nvendors. The threat actor claimed to have partial credit card information, but BleepingComputer could not find this data in\r\nthe data samples.\r\nAfter contacting Cooler Master on Tuesday, the company has confirmed to BleepingComputer that they suffered a data\r\nbreach and are in the process of notifying customers.\r\n\"We can confirm on May 19, Cooler Master experienced a data breach involving unauthorized access to customer data. We\r\nimmediately alerted the authorities, who are actively investigating the breach. Additionally, we have engaged top security\r\nexperts to address the breach and implement new measures to prevent future incidents. These experts have successfully\r\nsecured our systems and enhanced our overall security protocols.\r\nWe are in the process of notifying affected customers directly and advising them on next steps. We are committed to\r\nproviding timely updates and support to our customers throughout this process.\"\r\n❖ Cooler Master\r\nThe threat actor now says they will sell the leaked data on hacking forums but has not disclosed the price.\r\nWhile only a limited amount of data has been shared by the threat actor, if there is indeed information about 500,000 Cooler\r\nMaster customers, then there is a good chance it will be sold to another threat actor.\r\nTherefore, all Cooler Master customers who have registered an account on the company's Fanzone site should be on the\r\nlookout for targeted phishing emails and other social engineer attacks designed to steal further personal information.\r\nhttps://www.bleepingcomputer.com/news/security/cooler-master-confirms-customer-info-stolen-in-data-breach/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/cooler-master-confirms-customer-info-stolen-in-data-breach/\r\nhttps://www.bleepingcomputer.com/news/security/cooler-master-confirms-customer-info-stolen-in-data-breach/\r\nPage 4 of 4", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "origins": [ "web" ], "references": [ "https://www.bleepingcomputer.com/news/security/cooler-master-confirms-customer-info-stolen-in-data-breach/" ], "report_names": [ "cooler-master-confirms-customer-info-stolen-in-data-breach" ], "threat_actors": [ { "id": "6e8effad-d9fb-4b49-bba4-9b4e5953356d", "created_at": "2024-04-23T02:00:04.243074Z", "updated_at": "2026-04-10T02:00:03.630533Z", "deleted_at": null, "main_name": "GhostR", "aliases": [], "source_name": "MISPGALAXY:GhostR", "tools": [], "source_id": "MISPGALAXY", "reports": null }, { "id": "b4f79ca0-e94b-4abe-a61e-ea3d2a2458ad", "created_at": "2022-10-25T16:07:24.444096Z", "updated_at": "2026-04-10T02:00:04.994412Z", "deleted_at": null, "main_name": "ALTDOS", "aliases": [ "0mid16B", "ALTDOS", "Desorden", "GHOSTR" ], "source_name": "ETDA:ALTDOS", "tools": [ "Agentemis", "Cobalt Strike", "CobaltStrike", "cobeacon" ], "source_id": "ETDA", "reports": null } ], "ts_created_at": 1775434610, "ts_updated_at": 1775826689, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/a57f9e6404a14fdd6a23e831090cc7d5c0bb309c.pdf", "text": "https://archive.orkl.eu/a57f9e6404a14fdd6a23e831090cc7d5c0bb309c.txt", "img": "https://archive.orkl.eu/a57f9e6404a14fdd6a23e831090cc7d5c0bb309c.jpg" } }