- The Acer hack is confirmed, threat actors hacked into a server hosting private documents for repair technicians.
- The hacker claims to have stolen technical manuals, software tools, product model documentation, BIOS images, ROM files, ISO files, and replacement digital product keys.
- Evidence of the theft included screenshots of technical schematics and confidential documents, and the hacker has advertised the entire dataset for sale on a popular hacking forum.
- This latest incident is not the first security breach for Acer, which has also faced ransomware attacks and data breaches in the past few years.
Acer, a leading computer manufacturer based in Taiwan, recently acknowledged that it was the victim of a data breach that occurred when malicious actors hacked into a server storing confidential documents utilized by repair technicians.
Acer hack is confirmed
Despite this unfortunate event, Acer has announced that their ongoing investigation has thus far shown no signs that this breach has affected customer information. However, the confirmation of the breach came shortly after a hacker began advertising a purported 160GB of data that they claimed was stolen from Acer in February 2023, available for sale on a popular hacking forum.
According to the threat actor, the stolen data from the Acer breach includes an array of technical manuals, software tools, details on backend infrastructure, product model documentation for laptops, tablets, and phones, as well as BIOS images, ROM files, ISO files, and replacement digital product keys (RDPK).
The hacker has provided evidence of the theft, sharing screenshots of technical schematics for the Acer V206HQL display, BIOS definitions, and confidential documents. The perpetrator has also stated that they intend to sell the entire dataset to the highest bidder, with the condition that the payment must be made using the privacy-focused cryptocurrency Monero (XMR), which is notoriously difficult to trace.
A representative from Acer verified to BleepingComputer that one of its document servers experienced a breach, after being contacted regarding the data breach:
“We have recently detected an incident of unauthorized access to one of our document servers for repair technicians. While our investigation is ongoing, there is currently no indication that any consumer data was stored on that server.”
-Acer
This most recent data breach marks the latest in a series of security incidents that Acer has faced in recent years. In March 2021, the company was targeted by the REvil ransomware gang, who demanded an unprecedented ransom of $50,000,000 in exchange for a decryption tool while also threatening to release sensitive financial documents.
Additionally, in October of the same year, Acer confirmed that its after-sales systems in India had been breached by the hacking group Desorden, resulting in the theft of over 60GB of data, including confidential records of tens of thousands of customers, distributors, and retailers. Notably, Desorden also hacked into Acer Taiwan’s servers during the same period, obtaining access to employee information such as login credentials.
Cybercriminals could potentially use the stolen information for nefarious purposes such as blackmail, identity theft, and fraud. Moreover, the disclosure of Acer’s backend infrastructure and product models may expose weaknesses that other attackers can exploit.
To safeguard against data breaches and cyberattacks, it is recommended that individuals and organizations take proactive measures such as employing robust passwords, enabling multi-factor authentication, regularly updating their software and firmware, and being vigilant for any unusual activity.
Given the ongoing and changing nature of cyber threats, it is essential to remain alert and well-prepared to counter any potential risks.