The personal information of around 100,000 customers of gaming hardware maker Razer was publicly available for almost a month, according to a recent security report by researcher Volodymyr Diachenko.

Diachenko, in a LinkedIn blog post, said the exposed information included the full name, email, phone number, customer internal ID, order number, order details, billing address, and shipping address of customers.

The customer data was made publicly available due to a server misconfiguration, which he spotted as indexed on public search engines on August 18.

It took Razer around 3 weeks to seal the leak, as his attempts to contact Razer were not getting to the right people within the company.

Razer said it fixed the misconfiguration on September 9, and apologized for the lapse. It also took “all necessary steps to fix the issue as well as conduct a thorough review of our IT security and systems.”

While Razer says no sensitive information, such as payment data, was exposed, the leaked personal information could be used to send phishing emails to unsuspecting Razer users or commit other acts of fraud.

A separate Razer statement sent to The Verge added that customers who wanted to ask questions about the leak can reach out to DPO@razer.com. – Rappler.com