Computer manufacturer Acer has confirmed that it has been hacked.
Security Week quotes an Acer spokesperson saying it recently detected unauthorized access to one company document server used by repair technicians. There is currently no indication that any consumer data was stored on that server, Acer said.
The statement comes after the news site Hacked Read quoted a threat actor calling themselves “Kernelware” offering to sell 160GB of data, including 655 directories and 2,869 files, stolen last month.
According to the news story, the alleged stolen documents include confidential slides and presentations, technical manuals, Windows Imaging Format files, binaries of various types, backend infrastructure data, and product model documentation,
The alleged stolen data also contained Replacement Digital Product Keys, ISO files, Windows System Deployment Image files, BIOS components, and ROM files.
Headquartered in Taiwan, Acer makes a wide range of computing products, including Windows laptops, desktops, Chromebooks, Android tablets, and monitors. It has 7,500 employees around the world. In January, it announced annual revenue in 2022 was the equivalent of C$12 billion.
“Not all data breaches need to contain personal information about customers or employees, or financial information such as credit cards, to be a concern,” noted Erich Kron, security awareness advocate at KnowBe4. “In this case Acer is potentially looking at the release of some of their intellectual property and potentially sensitive company documents. Organizations spend a lot of time and money developing proprietary procedures and processes, as well as technical information about their products. In the very competitive world of electronics and technology, this information can be very valuable to competitors, and the technical information may be very valuable to bad actors wishing to create exploits targeting the victims’ products.”
