Companies tend to keep cybersecurity breaches quiet, and for certain reasons that may be to their benefit. However, it is not easy to hide an elephant in the room. Acer Incorporated, the Taiwan-based electronics manufacturer, has fallen victim to yet another breach, and it came to light when a fraudster put the leaked information up for sale on one of the Darknet forums.
Acer Breached Around mid-February
Acer, a Taiwanese manufacturer of electronics, particularly laptops, tablets and peripherals, was reportedly hacked around mid-February 2023. That information was confirmed by the company the next day, on March 7, 2023. Acer claims that hackers did not get access to users’ data. All the detailed information in circulation comes from a post on one of the popular Darknet forums. That post claims a 160+ GB leak containing a huge volume of data covering both products and internal, strictly confidential information. The latter includes presentations, binaries of Acer’s proprietary applications and internally used diagnostic tools, product documentation, Replacement Digital Product Keys and a lot of other things. The hacker says it is quite hard to classify everything properly because of the massive volume of information.
To prove the leak, the hackers showed a couple of screenshots. Among them are system installation instructions, UEFI/BIOS configurations for different system states, the results of an evaluation of a new Synaptics touchpad technology, and even blueprints of some of Acer’s new products. This leak is definitely worse than others, as this time the data is already for sale. It is quite bad even compared to the other unfortunate incidents that happened to the company earlier.
Yet Another Acer Hack
This is not the first time Acer has appeared in cybersecurity headlines. In 2021, there were two Acer data leaks resulting from cyberattacks by the infamous REvil gang, which breached the company first in March and then again in October. The October breach happened days before the start of the gang’s forced hiatus, which continues to this day. For both incidents, the hackers asked for $50 million in ransom. The company offered $10M, which the hackers predictably rejected. The amount of data stolen during the first incident was not disclosed. The second one, however, contained up to 200 GB of data, even more than the Feb 2023 breach.
It is noteworthy that the first two hacks were allegedly carried out through the same security breach. There are rumours that the hackers never left the corporate network at all, simply so they could return one day. Obviously, this is possible only if the company does not overhaul its cybersecurity and check the damaged systems. That says a lot about Acer’s security and, more importantly, about the safety of Acer customers’ data.
Should Acer Users Be Worried?
There are some definite reasons to think twice about using Acer products if you don’t want your personal data to be exposed. That said, things are not extremely bad for retail users. They are not bound by extensive contracts and do not leave a lot of data behind. Corporate customers, however, may have their contracts, contact information, and Acer-related deals exposed, and that is suboptimal.
More problems may appear if some of the software products in the leak contain vulnerabilities. That creates a whole chain of hazards. Acer may suffer because the leaked data may give crooks a lead to yet another breach. Companies that use the same software for their own purposes will be hurt as well. Application software that ships with hardware supplied by Acer may be vulnerable too. This, in turn, expands the scope of the threat by orders of magnitude. However, that is only a theory, a scary and pessimistic one. Even the forum post author claims to struggle to define every category of leaked information. Thus, it may be far less threatening.
Less threatening does not mean harmless, though. To guard against the dangers that may emerge from such a leak, the best option is to keep your software (and firmware!) updated. You can also follow cybersecurity news to stay aware of any breaches in the programs you use. The worst thing about zero-day exploitation attacks is that they are immune to pretty much any counteraction from legacy anti-malware software. Thus, using anti-malware solutions that apply a zero-trust policy by default may be a decent protection option.