TAIPEI (Taiwan News) — The Taiwanese technology company Acer confirmed earlier this week that company servers were hacked in February by a hacker using the name Kernelware.
The hack was reported over a week ago, but Acer only confirmed this week that a server used by repair technicians was compromised. The company insists that no customer data was stolen in the security breach.
According to a report from CPO magazine, Kernelware claims to have obtained 160 GB of data from 655 directories, constituting a total of 2,865 files. The threat actor shared screenshots of some files on a website called BreachForums, and requested a ransom payment in the cryptocurrency Monero.
While the breach may not compromise private customer information, the stolen files include sensitive information about how Acer devices and programs operate. If the files are released to malicious actors, it could create a host of cybersecurity problems and make Acer hardware throughout the world vulnerable to exploitation.
Last week, a Swiss cybersecurity firm named Acronis was also targeted by Kernelware, according to a report from Computing. However, the Acronis hack only compromised about 12 GB of data.
Acer previously suffered two major hacks in 2021. One was by a group called the REvil ransomware gang, which requested US$50 million (NT$1.53 billion) to protect sensitive financial documents. It is rumored the company paid the ransom price. A second breach happened on Acer systems located in India by a group called Desorden, reported Linux Experten.
Some of the Acer data allegedly stolen in 2021 has since resurfaced and is now being auctioned off on hacker forums, as the company now deals with its most recent hack.
Acer’s confirmation of its recent data breach comes on the heels of new regulations that were implemented in Taiwan earlier this month. As of March 10, financial regulators will fine listed companies in Taiwan NT$5 million if they fail to disclose major cybersecurity events.