The Philippines division of Taiwanese tech agency Acer has confirmed that info associated to its staff has been leaked after a third-party vendor suffered a safety breach.
An attacker referred to as “ph1ns” posted a hyperlink on a hacking discussion board to a stolen database containing worker attendance knowledge from Acer Philippines. The database reportedly included staff’ names, usernames, passwords, roles, departments, employer’s identify, birthdates, cellular numbers, and e-mail addresses.
Ph1ns stated they weren’t promoting the info, however providing it at no cost to anybody .
Is the free entry to the stolen knowledge a sign that the attacker doesn’t assume that the stolen info is simple to monetise or an altruistic act by Ph1ns?
Your guess is pretty much as good as mine. However the hack of the unnamed third-party vendor was claimed to have occurred beneath the banner of “#OpEDSA” – a motion calling for political change within the Philippines, which has focused firms within the nation.
It is price underlining that the stolen knowledge was not taken straight from Acer, and there was no proof of a breach within the firm’s techniques.
As an alternative, it seems that the corporate managing Acer Philippines worker attendance knowledge suffered its personal safety breach. After all, that’s little consolation for staff who will probably be understandably sad that their private particulars have fallen into the palms of hackers and are being shared through hacking boards.
In a assertion posted on Twitter, Acer Philippines additionally emphasised that no buyer knowledge was uncovered because of the leak.
That is actually a silver lining for Acer laptop computer patrons. And a greater state of affairs than virtually ten years in the past when Acer’s ecommerce web site was hacked permitting hackers to steal clients’ particulars, together with (gulp!) fee card info.
Acer can as soon as extra argue that it wasn’t its infrastructure that was hacked, however it has suffered safety breaches prior to now – together with a $50 million ransomware assault, the theft of 60GB price of recordsdata from its Indian servers.
All companies must safe their techniques and have faith that the info entrusted to 3rd events will probably be stored safely out of the attain of hackers.