160GB of confidential data leaked, PC giant Acer confirms its servers were hacked
Acer, the Taiwanese computer manufacturer, has confirmed that its servers used by the operations team were hacked, and 160GB of confidential data was stolen. On March 6, on a well-known hacker forum, a hacker claimed to have stolen Acer’s technical data.
Acer data put up for sale on hacker forums (BleepingComputer)
The leak contains a total of 655 directories and 2869 files, totaling 160GB, including:
- Confidential slides/presentations;
- Staff manuals for various technical problems;
- Windows image format files;
- Tons of binary files (.exe, .dll, .bin, etc.);
- Backend infrastructure;
- Confidential product model documents and information for mobile phones, tablets, laptops, etc.;
- Replacement of digital product keys (RDPK);
- ISO files;
- Windows system deployment (SDI) files;
- Tons of BIOS stuff;
- ROM files.
To prove the authenticity of this data, the hacker shared screenshots of the technical schematics, documents, BIOS definitions, and confidential documents of the Acer V206HQL monitor. The hacker also complained, “honestly there’s so much * that it’ll take me days to go through the list of what was breached lol.”
The seller added that the data was stolen in mid-February. The seller is a reputable member of the forum and plans to sell the entire data set to the highest bidder. They stated that they would only accept the untraceable encrypted currency, Monero (XMR), as a payment method and would only trade through intermediaries.
Acer confirmed the incident in a statement released to some media outlets:
“We have recently detected an incident of unauthorized access to one of our document servers for repair technicians. While our investigation is ongoing, there is currently no indication that any consumer data was stored on that server.”
If the data leaked in this incident is proven to be genuine, it will be the fourth security incident suffered by Acer in less than two years: The REvil ransomware group attacked the company in March 2021; in October of the same year, the company was attacked twice by the Desorden hacker group, and in the latter two incidents, Acer’s customer and employee information was leaked.
