Taiwanese computer company Acer confirmed a data breach after threat actors compromised a server housing private documents used by repair specialists. However, the company claims that the results of its investigation do not demonstrate that this security accident has impacted customer data. The data breach was confirmed following the sale of 160GB of Acer data in mid-February 2023 on a well-known hacking forum. According to the announcement posted by a threat actor, the leaked database contained technical instructions, backend infrastructure details, software tools, product model documentation for smartphones, laptops, and tablets, Basic Input/Output System (BIOS) images, read-only memory (ROM) files, International Organization for Standardization (ISO) files, and Replacement Digital Product Keys (RDPK). The seller published screenshots of technical schematics for the Acer V206HQL display, documents, BIOS definitions, and private documents as evidence of the data breach. The threat actor offered the complete dataset for sale to the highest bidder. According to the announcement, the seller would only accept the anonymous cryptocurrency Monero (XMR) as a payment option.
This incident follows a series of Acer security breaches that happened over the previous few years. The REvil ransomware gang attacked the computer manufacturer in March 2021, demanding a record-breaking $50,000,000 ransom payment for a decryptor. The hacker group Desorden gained access to Acer’s after-sales systems in India. As a result, over 60GB of data was compromised, including information about thousands of customers, retailer records, and distributors.