Acer Philippines confirmed that worker information was stolen in an assault on a third-party vendor who manages the corporate’s worker attendance information after a risk actor leaked the info on a hacking discussion board.
Acer is a Taiwanese maker of pc {hardware} and electronics, greatest identified for its laptops that provide stability of efficiency, high quality, and aggressive pricing.
Earlier right this moment, a risk actor generally known as ‘ph1ns’ printed a hyperlink to obtain a stolen database containing Acer worker information at no cost on a hacking discussion board.
The attacker advised BleepingComputer that no ransomware or encryption was concerned and that it was a pure information theft assault.
They additional confirmed to BleepingComputer that they weren’t trying to extort the corporate. Nevertheless, they did present proof that they wiped information on the breached servers earlier than they misplaced entry.
We reached out to Acer to confirm the authenticity of the risk actors’ claims, and an Acer spokesperson confirmed that the info is theirs however was not acquired immediately from the corporate’s methods.
“We’re conscious that considered one of our exterior distributors within the Philippines has suffered a data breach, and consequently, a restricted set of worker information has been compromised,” a spokesperson advised BleepingComputer.
“Whereas we’re working with the seller, cybersecurity specialists and regulation enforcement, we want to emphasize that no buyer information has been affected and there’s no proof of any breach of Acer’s methods.”
Acer Philippines later issued a public assertion on X providing related assurances in regards to the security of buyer information and confirming that its methods stay uncompromised.
The pc maker has notified the Nationwide Privateness Fee (NPC) and the Cybercrime Investigation and Coordinating Heart (CICC) within the Philippines, and an investigation of the incident is underway.
Acer’s previous lapses
Acer has had a number of security incidents lately. In February 2023, hackers breached an organization server holding technical manuals, software program instruments, BIOS photographs, and substitute digital product keys (RDPK), amongst different issues.
In October 2021, Acer admitted that its India-based after-sales service had been compromised, and thousands and thousands of information containing buyer information had been stolen.
Lastly, in March 2021, the pc maker was hit by a REvil ransomware assault that broke information for demanding a ransom cost of $50 million.
