Acronis, a leading Swiss data protection firm, recently suffered a cyber attack that caused quite a stir in the tech industry. A hacker claiming to be bored leaked gigabytes of information that they allegedly stole from Acronis, which raised concerns about the company’s security practices. However, Acronis has now come forward with a statement that clears up the situation and reassures its customers that their data is safe.
Acronis Targeted by a Bored Hacker
On Thursday, a hacker announced on a popular cybercrime forum that they were “leaking data of a cybersecurity company called Acronis.” The hacker claimed that they hacked Acronis because they were bored and wanted to humiliate the company. This same hacker had recently offered to sell 160 GB of data stolen from computer giant Acer.
Hacker Leaks 12 GB of Data from Single Customer’s Account
The hacker published a 12 GB archive file allegedly containing certificate files, command logs, system configurations and information logs, filesystem archives, scripts, and backup configuration data. However, Acronis clarified that the leaked data appears to come entirely from a single customer’s account.
Acronis CISO Clarifies the Situation
After the incident came to light, Acronis’ Chief Information Security Officer (CISO), Kevin Reed, clarified in a post on LinkedIn that the compromised credentials were used by a single specific customer to upload diagnostic data to Acronis support. The company is working with that customer and has suspended account access as they resolve the issue. Acronis also shared IOCs with their industry partners and is working with law enforcement.
No Other System or Credential Affected
Reed emphasized that there is no evidence of any other successful attack, and no other system or credential has been affected. There is no data in the leak that is not in the folder of that one customer. Acronis reassures its customers that none of its products are impacted by the breach.
In conclusion, while the cyber attack on Acronis was indeed concerning, the company has acted swiftly to address the issue and reassure its customers. Acronis’ security team is on high alert, and the investigation continues to prevent any future security breaches.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he is a certified: CISSP, CISA, CISM, ITIL, COBIT and PRINCE2, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills on penetration testing, cloud technologies, virtualization, network security, IoT and many more.