Acer discloses a new data breach, 160 GB of sensitive data available for sale

Pierluigi Paganini March 07, 2023

Taiwanese multinational hardware and electronics corporation Acer discloses a data breach after a threat actor claimed the hack of the company.

Recently a threat actor announced the availability for sale of 160 GB of data allegedly stolen from the Taiwanese multinational hardware and electronics corporation Acer.

Acer data breach

The threat actor announced the hack on a popular cybercrime forum, he claims to have stolen about 2869 files. The stolen files include confidential product model documentation, binaries, backend infrastructure, BIOS information, and other sensitive data.

Reads the post published by the seller on Breached Forums:

The leak contains a total 160GB of 655 directories, and 2869 files. It includes:

  • Confidential slides/presentations
  • Staff manuals to various technical problems
  • Windows Imaging Format files
  • Tons of binaries (.exe, .dll, .bin, etc…)
  • Backend infrastructure
  • Confidential product model documentation and information of phones, tablets, laptops, etc…
  • Replacement Digital Product Keys (RDPK)
  • ISO files
  • Windows System Deployment Image (SDI) files
  • Tons of BIOS stuff
  • ROM files

(honestly there’s so much shit that it’ll take me days to go through the list of what was breached lol)

Acer confirmed the incident and discloses a data breach, the company said that attackers have compromised one of its servers.

“We have recently detected an incident of unauthorized access to one of our document servers for repair technicians. While our investigation is ongoing, there is currently no indication that any consumer data was stored on that server, ” Acer’s representative told Cybernews.

The seller is a reputable member of the forum, he states that only accepts payments in Monero cryptocurrency and will only sell with the escrow.

The seller added that the data was stolen in mid-February.

In October, the tech giant was hacked twice in a week, the same threat actor (Desorden) initially breached some of its servers in India, then he claimed to have also breached some systems in Taiwan.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, acer)

you might also like

leave a comment