Acer Admits Startling Leak: Philippines Employee Data Exposed on Hacking Forum

When Cybersecurity Hits Close to Home: Acer Philippines’ Employee Data Breach

Picture this: you’ve just bought a shiny new laptop from Acer, a leading Taiwanese computer hardware and electronics company. You’re excited about the great balance of performance, quality, and competitive pricing that Acer products offer. Then, one day, you hear the news: Acer Philippines has confirmed that employee data was stolen in an attack on a third-party vendor who manages the company’s employee attendance data. A hacker known as ‘ph1ns’ has leaked the data on a hacking forum. Your excitement turns into concern.

A Pure Data Theft Attack

The attacker, ph1ns, told us in an exclusive conversation that the attack didn’t involve ransomware or encryption. Instead, it was a pure data theft attack. They also confirmed that they weren’t attempting to extort the company, but they did provide evidence that they wiped data on the breached servers before losing access.

Acer’s Response

We reached out to Acer to verify the authenticity of the threat actor’s claims. An Acer spokesperson confirmed that the data is theirs, but it wasn’t acquired directly from the company’s systems. “We are aware that one of our external vendors in the Philippines has suffered a data breach, and as a result, a limited set of employee data has been compromised,” the spokesperson told us.

The spokesperson added, “While we are working with the vendor, cybersecurity experts, and law enforcement, we would like to emphasize that no customer data has been affected and there is no evidence of any breach of Acer’s systems.” Acer Philippines later issued a public statement, offering similar assurances about the security of customer data and confirming that its systems remain uncompromised.

Investigation Underway

Acer has notified the National Privacy Commission (NPC) and the Cybercrime Investigation and Coordinating Center (CICC) in the Philippines, and an investigation of the incident is underway.

A Look Back at Acer’s Past Security Incidents

Unfortunately, this isn’t the first time Acer has faced cybersecurity challenges. In February 2023, hackers breached a company server holding technical manuals, software tools, BIOS images, and replacement digital product keys (RDPK), among other things. In October 2021, Acer admitted that its India-based after-sales service had been compromised, resulting in the theft of millions of records containing customer data. And in March 2021, the company faced a REvil ransomware attack that broke records with a staggering ransom demand of $50 million.

Join Us in the Fight Against Cybercrime

Cybersecurity is no longer a luxury. As technology continues to advance and our lives become increasingly intertwined with the digital world, the importance of protecting our data and maintaining our privacy has never been more critical. These incidents serve as a stark reminder of just how vulnerable even large and well-established companies like Acer can be to cyberattacks.

At IT Services, we’re committed to helping individuals and organizations stay one step ahead of the game. If you’re interested in learning more about how to protect your data and maintain your privacy in the digital age, don’t hesitate to contact us. Let’s work together to build a safer and more secure future for all.