Acer confirms 160GB data breach

But denies any customer data was involved

Acer confirms data breach but denies customer data involvement

Image:
Acer confirms data breach but denies customer data involvement

Taiwanese computer giant Acer has confirmed that hackers have stolen 160GB of data, which is now up for sale online.

The company detected unauthorised access on one of its document servers used by repair technicians. It says no consumer data was stored on the affected server.

Acer confirmed the breach after a threat actor going by the alias "Kernelware" started selling what they claimed to be 160GB of company data on a hacking forum.

Kernelware said the alleged breach took place in mid-February 2023 and that they had stolen a significant amount of sensitive information, consisting of 655 directories and 2,869 individual files.

The data allegedly includes confidential slides, software tools, details about backend infrastructure and documentation for product models of phones, tablets, and laptops; as well as BIOS images, ISO files, ROM files and replacement digital product keys.

To substantiate their claims, the threat actor published screenshots of technical schematics for the Acer V206HQL display, BIOS definitions and other confidential documents.

Kernelware said they would sell the entire dataset to the highest bidder. They are only accepting payment in the Monero cryptocurrency, which is difficult to trace.

They also suggested using a middleman to ensure a successful sale.

While the authenticity of the data is still unclear, the threat actor's readiness to involve a third-party and their assurance of the information's quality suggests Acer should take them seriously.

An Acer spokesperson told BleepingComputer: "We have recently detected an incident of unauthorised access to one of our document servers for repair technicians.

"While our investigation is ongoing, there is currently no indication that any consumer data was stored on that server."

Acer, headquartered in Taiwan, produces an extensive range of computing products, such as Windows laptops, desktops, Chromebooks, monitors and Android tablets, and employs nearly 7,500 people worldwide.

The company has experienced multiple security breaches in the past few years.

In March 2021, ransomware group REvil encrypted Acer's systems and demanded a $50 million ransom. The company supposedly countered with an offer of $10 million, which the hackers refused.

In October the same year, Acer admitted a hacking group known as Desorden had compromised its after-sales computer systems in India. Over 60GB of data, which included the records of thousands of customers, retailers and distributors, was stolen from its servers.

The threat of data breaches is an ever-present issue that demands continuous vigilance and preparedness to minimise the risks involved.

Both individuals and organisations should take steps to safeguard sensitive data and systems.

That could include using robust passwords; deploying multi-factor authentication; ensuring you regularly update software and firmware; and monitoring for signs of unusual or suspicious activity.