Acer confirms huge breach after 160GB of data leaked on dark web

However Acer customer data remains safe, the company says

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Acerhas suffered a major data breach in which roughly 160GB of sensitive data was stolen from its repair technicians.

The news was confirmed by the Taiwanese computer giant earlier this week, which noted that the breach, which occured in February 2023, did not involve customer data.

Acer’s investigation on the scope of the breach is still ongoing, however, and the alleged hackers have now taken to underground hacking forums to advertise the stolen goods, claiming the data contains technical manuals, software tools, backend infrastructure details, product model documentation for phones, tablets, and laptops, BIOS images, ROM files, ISO files, and replacement digital product keys.

Demanding Monero

The criminals  even posted screenshots of certain schematics for a display, some BIOS definitions, and a few confidential documents, to prove the authenticity of the stolen data. The database will be sold to the highest bidder, who is also required to make the payment in Monero.

Monero is a privacy-oriented cryptocurrency that is quite difficult to trace, and as such is a popular method of payment among cybercriminals. Monero is also the token being mined through XMRig, by far the most popular cryptojackingmalwareout there.

Acer hacked by ransomware gang demanding $50m ransom>Acer admits hackers stole data on millions of customers>Here are the best firewalls right now

This is not the first time Acer has suffered a data breach, as in 2021, the company was struck switch the REvil ransomware, whose operators demanded a ransom of $50 million, in exchange for the decryptor. The group also threatened to release the stolen data to the public. At the time, that was the highest ransom demand - ever.

Half a year later, in October 2021, Acer’s after-sales systems in India suffered an attack in which more than 60GB of data got stolen. According to BleepingComputer, the group behind the attack is known as Desorden, and it managed to get away with customer data, as well as data on distributors and retailers.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

VIPRE Security Group says its new endpoint protection tools can stamp out even the latest cybersecurity threats