iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Threat actors have leaked the data of Acer employees online after exfiltrating it during an attack on a third-party provider, the company confirms.
The Philippine subsidiary of Taiwanese PC and laptop builder Acer confirmed that employee data was compromised after a threat actor going by the name “ph1ns” made a post on a hacking forum with a link to download a database of stolen Acer Philippines employee data.
“Acer Philippines was recently breached as part of #opEDSA, the following is a data sample from the databases,” said ph1ns.
The threat actor added that the data was not for sale and told tech publication BleepingComputer that no encryption or ransomware methods were involved. It also said it had no plans to extort the company.
“Sorry, I’m not selling the data, though might sell the access if it interests anyone, can give out more details about how it was breached and what kind of access it is in private,” the threat actor said.
BleepingComputer was reportedly provided evidence that the threat actor had wiped the breached servers before losing access.
While Acer has not disclosed the specifics regarding what data was stolen, it has since released an official statement regarding the breach.
In our commitment to full transparency, we wish to inform you of a recent security incident involving a third-party vendor managing employee attendance data. pic.twitter.com/SXDeZ3I27B
— Acer Philippines (@AcerPhils) March 12, 2024
“We want to assure everyone that our security checks confirm that there has been no breach or leak of any Acer Philippines customer database, and customer data remains unaffected by this incident,” said Acer Philippines on X (formerly Twitter).
It also reiterated that this was an attack on a third-party vendor responsible for managing employee attendance data.
“It’s crucial for us to assure you that the integrity of the Acer Philippines customer database remains intact – there has been absolutely no breach or compromise of customer data,” Acer said in a response to its X post.
“Our internal systems, protecting customer databases, remain secure and unbreached.”
Acer has been hacked a number of times in the past, most notably in March 2021 when the REvil ransomware group hit the computer company and demanded a record-breaking $50 million in ransom payments.
Following this, Acer revealed its after-sales service, which is based in India, was hit, resulting in millions of records of customer data being exfiltrated.
Most recently, a company server was hit in 2023, leading to technical documents, digital product keys, software tools and more being stolen.
Be the first to hear the latest developments in the cyber industry.
