Hackers say Acer breach leaked data for 40,000 users
Welcome to the club, Acer
Hackers say they breached the website security of computer-maker Acer and made off with data for 40,000 of its customers.
Screenshots posted on Friday on The Hacker News appeared to show the purchase histories, names, email addresses, and partial addresses and phone numbers for a limited number of customers stored on acer-euro.com. The site said members of the Pakistan Cyber Army were behind the attack and planned to release the data in the next 24 hours.
“We got mail from PCA that they successfully hacked the FTP of ACER and Stole around 40,000 Users Data, Various Source Codes stored on server,” The Hacker News said.
The report comes as dozens of companies and government agencies, including RSA, the Fox network, and the State of Massachusetts, have suffered security breaches that have leaked sensitive consumer information or proprietary company data. At the top of the list is Sony, which over the past six weeks has been the target of a series of devastating hacks that have exposed details for than 100 million customers, including one that surfaced on Thursday.
In some of the cases, the breaches were the result of targeted phishing campaigns, while in others hackers gained entry by exploiting easy-to-spot vulnerabilities in the companies' website applications.
A screenshot posted on The Hacker News showed an FTP application that appeared to have a valid username and password for ftp.acer-euro.com, but it wasn't clear how the credentials had been obtained.
The report said the hackers also stole source code used on Acer's website.
Acer representatives didn't immediately respond to an email seeking comment for this post. ®
Acer's FTP server
Brought to you by the same team who brought you their pre-loaded software on Windows computers...
.. wonder if they're the same chaps going after unveillance.
not coincidence but not conspiracy, either
What may well be happening is that we have reached a point where it has become fairly easy (for some) to use recently developed tools to get in to systems.
If it's likely to be military then it won't be announced by the perps but those affected, no bragging rights as you'd want to stay hidden for as long as possible.
If it's commercial espionage then it's a similar scenario.
If it's break ins to find personal info and/or embarrass the site owners then publicity is what's required, either for brownie points to show how simple it was or for some sort of political point to be made.
Like burglary, there is a difference between a careful job where you don't want to leave evidence and are selective or there's the brick through the window and make off with the obvious stuff.
Tools change according to the job in hand, tools evolve and make life easier but some people still leave the keys under the doormat.
'maybe it's (uh) just a change of climate' (James Marshal Hendrix)