March 12, 2024 at 03:37PM
Acer Philippines confirmed a data breach by a third-party vendor, leading to leaked employee data on a hacking forum. The company stated no direct breach of its systems and reassured no customer data was affected. Acer is working with cybersecurity experts and law enforcement in response to the incident. Multiple past security incidents were also mentioned.
Based on the meeting notes, the key takeaways are as follows:
1. Employee data was stolen in a cyber attack on a third-party vendor managing Acer Philippines’ employee attendance data. The stolen database was made available for download on a hacking forum by a threat actor known as ‘ph1ns’.
2. The threat actor confirmed that it was a pure data theft attack and that no ransomware or encryption was involved. They also stated that they were not attempting to extort the company.
3. Acer verified that the breached data belonged to them but was not acquired directly from their systems. They have emphasized that customer data remains secure and there is no evidence of a breach in Acer’s systems.
4. Acer has reported the incident to the National Privacy Commission and the Cybercrime Investigation and Coordinating Center in the Philippines, and an investigation is underway.
5. It was mentioned that Acer has experienced previous security incidents in recent years, including breaches of company servers and customer data theft.
These takeaways provide a clear summary of the main points discussed in the meeting notes.