Taiwanese computer giant Acer confirmed that it suffered a data breach after threat actors hacked a server hosting private documents used by repair technicians.
However, the company says the results of its investigation so far do not indicate that this security incident has impacted customer data.
The confirmation of a data breach comes after a threat actor began selling on a popular hacking forum what they claim is 160GB of data stolen from Acer in mid-February 2023.
The threat actor claims the stolen data contains technical manuals, software tools, backend infrastructure details, product model documentation for phones, tablets, and laptops, BIOS images, ROM files, ISO files, and replacement digital product keys (RDPK).
As proof that they stole data, the threat actor shared screenshots of technical schematics for the Acer V206HQL display, documents, BIOS definitions, and confidential documents.
The poster of the data said they were selling the entire dataset to the highest bidder, clarifying that they would only accept the hard-to-trace cryptocurrency Monero (XMR) as a form of payment.
After contacting Acer about the data breach, a company spokesperson confirmed to BleepingComputer that it suffered a breach on one of its document servers.
