Taiwanese electronics maker Acer has confirmed an accident of unauthorized obtain to 1 of its document servers for repairs technicians.
In a assertion shared with Infosecurity by way of email, the multinational corporation additional that it thinks no customer data was accessed thanks to the breach.
“While our investigation is ongoing, there is at the moment no indicator that any customer facts was stored on that server.”
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
A threat actor self-recognized as “Kernelware” claimed responsibility for the hack on a dark web forum before this week. They stated they executed the attack mid-February and stole 160GB of information and facts from the business, like 655 directories and 2869 data files.
In the very same discussion board post, Kernelware made available to provide the allegedly stolen information for XMR (Monero) and delivered a sample showcasing slides and shows, technical manuals, backend infrastructure data, product product documentation and information and facts about various devices, between other factors.
Acer has neither verified the leak nor whether the information posted by Kernelware is authentic.
In accordance to Tim Schultz, VP of analysis & engineering at Scythe, the breach may possibly replicate the shifting nature of previously ransomware-targeted danger actors.
“As providers shift absent from spending ransoms, risk actors are adapting by expanding their emphasis on IP information theft to increase the likely organization impact of every single compromise. In the around phrase, we’ll see the very same playbook very similar threat actors have taken on stealing IP and attempting to monetize it,” Schultz mentioned.
And in accordance to Amit Sharma, a security engineer at Synopsys, when information are now scarce, it is nevertheless important for the organization to perform thanks diligence to incorporate the attack and make certain details safety.
“Organizations must have multi-layered controls to detect or block these forms of attacks, but, as the complexity of attacks increases, we need to have to make it more streamlined and much more concrete,” Sharma additional.
“These sorts of attacks also give us a reasonable indicator on why it is extremely critical to have asset administration in area and take a choice on what requires to be monitored, what is exposed and what should be prioritized.”
The Acer breach will come times just after DoControl posted a report suggesting community software as a service (SaaS) property are a major risk for medium and substantial firms.
Editorial image credit rating: Anton Watman / Shutterstock.com
Some elements of this write-up are sourced from:
www.infosecurity-magazine.com