Acer confirms knowledge breach after hacker lists trove of stolen materials on the market
What simply occurred? Acer has confirmed that an unauthorized person just lately broke into one in all its knowledge servers. While the corporate’s investigation remains to be ongoing, the Taiwanese PC specialist mentioned there was no indication that any shopper knowledge was saved on the compromised servers. That doesn’t suggest it isn’t an issue, although, as technical documentation and company IP falling into the fallacious fingers can nonetheless trigger plenty of injury.
Earlier this week, a hacker posted a categorised advert asking to purchase 160GB of “varied confidential materials” from Acer. The vendor claims that the batch contains 2,869 recordsdata in 655 directories, together with every part from service manuals, ISO recordsdata, BIOS and ROM recordsdata, confidential slides/displays, and extra.
The hackers mentioned there was a lot content material that it could take days simply to catalog every part. The vendor added that they solely settle for fee in Monero, a decentralized cryptocurrency, and can solely transact with middlemen. No worth is listed; the best bidder could get the merchandise.
An Acer spokesman advised The Register that the server in query hosted recordsdata utilized by restore technicians.
As safety professional Erich Kron rightly emphasizes, not all knowledge breaches must include monetary particulars or details about clients or workers with a view to trigger injury. “In this case, Acer could think about disclosing a few of its mental property and doubtlessly delicate firm paperwork,” Kron added.
Technical particulars about merchandise or firm procedures may be extraordinarily beneficial to opponents in search of to duplicate Acer’s success. What’s extra, hackers can glean necessary insights in regards to the internal workings of a services or products from paperwork that might result in new assaults.
This is just not the primary main safety incident that Acer has handled just lately. Back in March 2021, the corporate was hit by the REvil ransomware. The attackers demanded $50 million in Monero in alternate for the decryption key.
Just a few months later, hackers breached Acer servers working in India, reportedly stealing 60GB of information within the course of. A secondary assault on servers in Taiwan adopted. In each incidents, a bunch known as Desorden claimed duty.
Image credit score: Hugo Clement