Taiwanese hardware and electronics company Acer has recently confirmed that it suffered a data breach after a threat actor infiltrated one of its document servers that were being used by its repair technicians. “While our investigation is ongoing, there is currently no indication that any consumer data was stored on that server,” an Acer spokesperson told The Register.
Acer’s announcement comes after a cybercriminal who goes by the name “Kernelware” started selling what appears to be 160GB of data stolen from Acer, including 655 directories and 2,869 files. According to the threat actor, the stolen data included the following:
- Confidential slides and presentations
- Staff technical manuals
- Windows Imaging Format files
- Backend infrastructure data
- Confidential product documents
- Replacement Digital Product Keys
- ISO files
- Windows System Deployment Image files
- BIOS components
- ROM files
To prove that the data is legitimate, Kernelware shared screenshots of technical schematics for the Acer V206HQL display, documents, BIOS definitions, and confidential documents. The threat actor said that they will only sell via a middleman and accept the cryptocurrency Monero, potentially a move to ensure that the transaction will not be easily traced. There’s no apparent public price set as the cybercriminal wants interested buyers to privately message them.
This is not the first time that Acer suffered a security incident. Back in March of 2021, the computer maker suffered a ransomware attack wherein the cybercriminals demanded a $50,000,000 ransom. Seven months later, it confirmed that its after-sales systems in India had been breached by a hacking group, resulting in over 60GB of data stolen.
Source: The Register