Taiwanese computing brand Acer has confirmed that one of its servers got hacked. Cybercriminals broke into “document servers for repair technicians”, and made of with 160GB of data, which have since been put up for sale.
HackRead reports that the sale of the data was posted by one Kernelware, who claims that the massive dump of data includes 655 directories and 2869 files. Emphasising the size of the haul was the claim that “it’ll take me days to go through the list of what was breached”. The hack itself is reported to have occurred in mid February of this year, before being posted on the hacker forum BreachForums.
According to a statement to The Register, Acer says that it is still investigating, but for now there’s no sign that consumer data was stored in the server that was hacked. Which makes sense, since it’s one meant for repair technicians. But that still means that hackers with access to the data dump will be able to see things like replacement digital product keys, ISO and ROM files, and BIOS components, among other files that the company considers sensitive.
The report also quotes Erich Kron, a security awareness advocate with KnowBe4, as saying the information that was breached would be valuable to competitors and bad actors alike. The former for simply getting the upper hand in the “very competitive world of electronics and technology”, while the latter to bypass security measures for all sorts of nefarious ends.
Acer has had it pretty rough these past couple of years, at least in the realm of cybersecurity. Back in 2021, the company suffered an episode at the hands of the hacker group REvil, who then demanded a US$50 million ransom. That was noted to be the largest ransom amount up until that point in time.
(Source: HackRead, The Register)
