Acer Confirms Probe Of Document Server Breach

Hackers reportedly listed 160-gigabyte database for sale from the Taiwanese PC vendor, which says that consumer data wasn’t in that file.

ARTICLE TITLE HERE

Acer has confirmed to CRN that someone breached a document server for repair technicians, but so far, consumer data appears safe.

“We have recently detected an incident of unauthorized access to one of our document servers for repair technicians,” an Acer spokesperson said in a statement. “While our investigation is ongoing, there is currently no indication that any consumer data was stored on that server.”

Multiple media outlets have reported that the hacker listed for sale a 160 gigabyte (GB) database stolen from the PC vendor.

id
unit-1659132512259
type
Sponsored post

Someone using the name Kernelware listed the trove – including 655 directories and 2,869 files – on BreachForums in exchange for Monero cryptocurrency as payment, according to The Register.

[RELATED: Security Hot Take: Not Every MSP Should Be An MSSP]

Acer Confirms Document Server Breach

The hacker’s proof of the solen data included screenshots of technical schematics for the Acer V206HQL display, documents, BIOS definitions, and confidential documents, according to BleepingComputer.

The hacker’s trove includes:

*Confidential slides

*Presentations

*Staff technical manuals

*Windows Imaging Format files

*Binaries

*Backend infrastructure data

*Confidential product documents

*Replacement Digital Product Keys

*Windows System Deployment Image files

Security news site Hackread reported that the breach happened in mid-February.

Acer previously dealt with ransomware group REvil in 2021.

This year hasn’t seen too many major security incidents so far. T-Mobile revealed in January that it was actively investigating a data breach that potentially affected 37 million user accounts.

And in February, a United States Department of Defense spokesperson told CRN that the agency was “aware of the potential exposure of DoD unclassified, commercially cloud-hosted data to the Internet” for two months before an independent security researcher spotted the leak.

And vendors including Microsoft and Apple have worked to address vulnerabilities detected in their products and services.