A hacker who goes by the nickname “Kernelware” and who stole data from Acer a month ago is now making claims that they got into the Swiss cybersecurity business Acronis. Nevertheless, the data breach at Acronis only impacted 12 gigabytes of information, which is a significantly lower amount than the one that harmed Acer. On Thursday, March 9, 2023, the treasure of data was uploaded to Breach Forums, although there was no disclosure of login passwords in any of the posts. The hacker, who was also responsible for the recent data breaches at the Indian HDFC bank and at Acer, stated that they broke into the Acronis system because “they were bored and wanted to shame the firm.”
According to Kernelware, the data that was compromised includes a variety of certificate files, command logs, system configurations, system information logs, archives of their filesystem, and python scripts for their maria.db database, in addition to backup configuration stuff and a large number of screenshots of their backup operations. The data that was stolen, and the fact that the breach did not result in the theft of any login passwords can both be verified. Nevertheless, a number of the files and folders displayed internal photos and logs from the web hosting company Liquid Web, which is located in Lansing, Michigan.
Kevin Reed, the Chief Information Security Officer of the company, posted further details on LinkedIn. According to him, the security breach only impacted one of the company’s customers, and they have now disabled access to the account that was breached.
‘No other system or credential has been compromised,’ he noted later on in the conversation. Acronis, for its part, has said through Twitter that “none of the Acronis products have been compromised.”
As a consequence of this revelation, it is even more important to ensure that all bases are covered when it comes to cybersecurity, given this breach was caused by the credentials of only one person being hacked. This event, along with other recent ones involving cybersecurity, serves as a reminder of how important it is for companies and other organizations to take precautions to protect themselves. There has been an increase in the likelihood of cyberattacks in recent years due to the continued development of technology. These attacks may have significant repercussions, including monetary loss, harm to one’s reputation, and legal liability.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.