Razer wins lawsuit against IT vendor over data leak, awarded S$8.7m in damages
Gaming hardware company Razer has won its lawsuit against an IT vendor over a data leak and was awarded S$8.7 million in damages by the High Court on Friday (Dec 9).
Shipping information and order details of thousands of customers worldwide were leaked in a widely reported cybersecurity breach in September 2020. The gaming firm, which is dual-headquartered in Singapore and the United States, sued the vendor, Capgemini, in the same year over the breach.
The damages awarded comprised largely US$6.1 million in loss of profits from Razer’s e-commerce platform.
The amount awarded also included about US$60,000 that Razer paid for a forensic expert to investigate the incident, about US$320,000 to engage a law firm to deal with regulators, and a US$2,000 payment to cybersecurity consultant Bob Diachenko, who discovered the breach.
The dispute arose over the misconfiguration of a server file, which in turn led to the data leak.
Razer, represented by Wendell Wong and Andrew Chua of Drew and Napier, said the misconfiguration occurred during a 16-minute window on Jun 18, 2020.
GET BT IN YOUR INBOX DAILY
Start and end each day with the latest news stories and analyses delivered straight to your inbox.
Razer said former Capgemini employee Argel Cabalag, who was tasked to do troubleshooting after Razer staff could not log in to the system, was the only one who accessed the server during the 16-minute window.
Razer said Cabalag added a “#” command to a configuration file that controlled security to a computer application. This misconfiguration allowed unauthenticated access into the application.
Capgemini, represented by Senior Counsel Andre Yeap of Rajah & Tann, said its employee did not cause the misconfiguration and suggested that new IP addresses set up by Razer could have been the cause.
However, on the sixth day of trial, Cabalag admitted that he had been the one who had caused the misconfiguration.
In a written judgment, Justice Lee Seiu Kin found that Cabalag’s assistance on the login problem fell within the scope of work set out in a April 2020 agreement between the parties.
The judge said Capgemini had breached its contractual obligations to Razer and had also been negligent in its response to Razer’s login problem. THE STRAITS TIMES
KEYWORDS IN THIS ARTICLE
BT is now on Telegram!
For daily updates on weekdays and specially selected content for the weekend. Subscribe to t.me/BizTimes
Startups
Vietnam education startup Prep bags US$7 million in Series A funding
Cruise operator Viking prices IPO within range to raise US$1.54 billion: source
Ninja Van axes more than 20 employees in tech team in Singapore
Temasek-backed PsiQuantum to build first commercial quantum computer
Fast-fashion giant Shein wants to sell skincare, toothpaste and toys, too
GoTo narrows Q1 loss to 420 billion rupiah with TikTok deal, cost cuts