Acer Gets Pwned…. But The Company Downplays Extent Of The Hack

This is not a good look for computer maker Acer. The company has confirmed that they have been pwned by hackers:

Acer has confirmed someone broke into one of its servers after a miscreant put up for sale a 160GB database of what’s claimed to be the Taiwanese PC maker’s confidential information.

“We have recently detected an incident of unauthorized access to one of our document servers for repair technicians,” an Acer spokesperson told The Register on Tuesday. “While our investigation is ongoing, there is currently no indication that any consumer data was stored on that server.”

According to a Monday post on cyber crime hangout BreachForums by a rapscallion going by the name Kernelware, the “various confidential stuff” allegedly stolen from Acer totals 160GB, including 655 directories and 2,869 files.

Kernelware claimed the stolen goods included confidential slides and presentations, staff technical manuals, Windows Imaging Format files, binaries, backend infrastructure data, confidential product documents, Replacement Digital Product Keys, ISO files, Windows System Deployment Image files, BIOS components, and ROM files.

“Honestly, there’s so much shit that it’ll take me days to go through the list of what was breached lol,” Kernelware bragged. 

This data is now up for sale. But the thing is, I am not a believer that customer data is not part of that, because LastPass said something similar when they got pwned, and we all know how that ended.

Tim Schultz, VP of Research & Engineering at SCYTHE:

   “As companies shift away from paying ransoms, threat actors are adapting by increasing their focus on IP data theft to increase the potential business impact of each compromise. In the near term, we’ll see the same playbook similar threat actors have taken upon stealing IP and attempting to monetize it.

   “A longer-term challenge for Acer is that the internal information stolen included data on tools and infrastructure that can aid future threat actors. Asset inventory is a challenge for most organizations, and policies around technology business operations can be very difficult to change quickly in the event a threat actor is able to identify a vulnerability.”

Hopefully Acer is transparent about what was and wasn’t stolen during this hack. Because until they are transparent about this, I am really thinking that they are downplaying how serious this hack is.
