Acer Confirms Data Breach – Intellectual Property Info at Risk

PC maker Acer has confirmed that somebody broke into its IT infrastructure, following reports that hackers may have stolen 160 GB of data from its servers.

Headquartered in Xizhi, New Taipei City (Taiwan), Acer is a major player in the electronics sector and the world's 5th-largest PC vendor as of 2022, by unit sales.

Reacting to an enquiry by The Register on Tuesday, a company spokesperson admitted that Acer indeed suffered a breach recently:

“We have recently detected an incident of unauthorized access to one of our document servers for repair technicians,” the spokesperson told the British tech news site.

“While our investigation is ongoing, there is currently no indication that any consumer data was stored on that server.”

While the second part of the statement may sound like an attempt to downplay the incident, the apparent safety of customer data is welcome news.

160GB of data up for sale

Hackers allegedly breached Acer’s servers in mid-February, resulting in the theft of around 160 GB of sensitive data.

A BreachForums member named Kernelware claimed on Monday to be sitting on the stolen data while advertising it for sale.

The trove allegedly includes confidential slides/presentations, staff manuals to various technical problems, Windows imaging format files, binaries and ISO files, ROM files, BIOS data, Windows SDI files, product keys, and more.

The seller even says it will take days to sift through the data and properly determine what exactly is at stake in this leak.

Image credits: hackread.com

Kernelware is reportedly instructing prospective buyers to approach him via private message with Monero in hand.

Intellectual property at risk

It is unclear if the attack involved ransomware of some kind – as is common these days – or simple data theft.

Perhaps more importantly, the dump also includes what the seller claims to be “confidential product model documentation and information” of various Acer products, including phones, tablets and laptops.

Acer’s product range includes all of the above, as well as desktop PCs, servers, storage devices, gaming gear, virtual reality hardware, displays, peripherals, and more.

Intellectual property theft is a major concern that can drastically affect its edge over competitors and, implicitly, its bottom line.

Acer is not at its first run-in with hackers. In 2021, ransomware operators broke into the company’s servers and got their hands on financial statements and other banking data. The attackers demanded a whopping $50 million to refrain from publishing the data.