Acer Logo 2011
(Image source: Acer, Inc., 2011)
One-sentence summary:
Acer was breached in February 2023 by Kernelware and 160GB of sensitive, and confidential data is up for sale on BreachForums.
Who was involved?
Acer, Inc. and Kernelware.
What was the timeline?
Mid February 2023: Breach occurs
March 6, 2023: Stolen data is posted on BreachForums by Kernelware
March 7, 2023: Acer confirms the breach via a spokesperson to HackRead.com
What occurred?
Kernelware hacked Acer, Inc. in February, exfiltrating 160GB of private data containing “655 directories and 2869 files” (Waqas, 2023, para. 2). The information was subsequently offered for sale on BreachForums with evidence of the breach (Waqas, 2023, para. 4). The stolen information included: “confidential slides and presentations, technical manuals, Windows Imaging Format files, binaries of various types, backend infrastructure data, product model documentation, and information about phones, tablets, laptops, and other devices, Replacement Digital Product Keys, ISO files, Windows System Deployment Image files, BIOS components, and ROM files” (Waqas, 2023, paras. 4-5). An Acer spokesperson confirmed that the breach occurred through a document server for repair techs (Waqas, 2023, para. 8).
Estimated costs:
TBA or N/A
Involved laws:
TBA or N/A (see disclaimer)
Root cause:
TBA or N/A (see disclaimer)
Lessons learned:
TBA or N/A (see disclaimer)
Sources:
Acer, Inc. (2011, April). Logo of the brand Acer since 2011. Wikimedia Commons. https://commons.wikimedia.org/wiki/File:Acer_2011.svg
Waqas. (2023, March 8). Acer Data Breach? Hacker Claims to Sell 160GB Trove of Stolen Data. HackRead | Latest Cybersecurity and Hacking News Site. Retrieved March 8, 2023, from https://www.hackread.com/acer-data-breach-hacker-sell-data/
