Data protection vendor Acronis admits to data leak as 12GB trove appears online

March 10, 2023 TH Author

The CISO of Swiss cybersecurity firm Acronis has acknowledged a breach of the company’s systems but stated the incident only impacted a single customer and that all other data remains safe.

A Thursday post [PDF] to the notorious Breached Forums leak-mart brought news of the breach. In that post an attacker named kernelware – who also cracked Acer – claimed he/she had hacked and leaked certificate files, command logs, system configurations, system information logs, archives of their filesystem, python scrips for an Acronis database, backup configuration and oodles of screenshots of backup operations.

Kernelware stated that although the $120 million company is in the data protection and infosec business, it had “dogshit security” and the reason for the breach was that the hacker was bored, so decided to “humiliate” them.

The archive posted by kernelware held a total of 12.2 GBs worth of files.

Acronis CISO Kevin Reed took to LinkedIn to dispute details of the hack.

Acronis LinkedIn breach response – Click to enlarge

Acronis has both tweeted and told The Register that no Acronis product were affected.

“On March 9, a post on BreachedForums mentioned Acronis. We immediately started the investigation. The investigation confirmed that no Acronis products were affected. However, based on the information we have, the credentials used by a specific customer to upload diagnostic data to Acronis Support have been compromised. We are working with that customer and have suspended account access as we resolve the issue,” Acronis told The Reg via email.

“We continue to investigate and will provide updates if any new information is discovered,” the company spokesperson added. ®