Acer Philippines confirmed that employee data was stolen in an attack on a third-party vendor who manages the company’s employee attendance data after a threat actor leaked the data on a hacking forum.
Acer is a Taiwanese maker of computer hardware and electronics, best known for its laptops that offer a good balance of performance, quality, and competitive pricing.
Earlier today, a threat actor known as ‘ph1ns’ published a link to download a stolen database containing Acer employee data for free on a hacking forum.
The attacker told BleepingComputer that no ransomware or encryption was involved and that it was a pure data theft attack.
They further confirmed to BleepingComputer that they were not attempting to extort the company. However, they did provide evidence that they wiped data on the breached servers before they lost access.
We reached out to Acer to verify the authenticity of the threat actors’ claims, and an Acer spokesperson confirmed that the data is theirs but was not acquired directly from the company’s systems.
“We are aware that one of our external vendors in the Philippines has suffered a data breach, and as a result, a limited set of employee data has been compromised,” a spokesperson told BleepingComputer.
“While we are working with the vendor, cybersecurity experts and law enforcement, we would like to emphasize that no customer data has been affected and there is no evidence of any breach of Acer’s systems.”
Acer Philippines later issued a public statement on X offering similar assurances about the security of customer data and confirming that its systems remain uncompromised.
The computer maker has notified the National Privacy Commission (NPC) and the Cybercrime Investigation and Coordinating Center (CICC) in the Philippines, and an investigation of the incident is underway.
Acer’s past lapses
Acer has had multiple security incidents in recent years. In February 2023, hackers breached a company server holding technical manuals, software tools, BIOS images, and replacement digital product keys (RDPK), among other things.
In October 2021, Acer admitted that its India-based after-sales service had been compromised, and millions of records containing customer data were stolen.
Finally, in March 2021, the computer maker was hit by a REvil ransomware attack that broke records for demanding a ransom payment of $50 million.