{"id":50971,"date":"2023-03-10T19:03:52","date_gmt":"2023-03-10T19:03:52","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/acronis-downplays-intrusion-after-12gb-trove-leaks-online\/"},"modified":"2023-03-10T19:03:52","modified_gmt":"2023-03-10T19:03:52","slug":"acronis-downplays-intrusion-after-12gb-trove-leaks-online","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/acronis-downplays-intrusion-after-12gb-trove-leaks-online\/","title":{"rendered":"Acronis downplays intrusion after 12GB trove leaks online"},"content":{"rendered":"

The CISO of Acronis has downplayed what appeared to be an intrusion into its systems, insisting only one customer was affected, using stolen credentials, and that all other data remains safe.<\/p>\n

A Thursday thread<\/a> [PDF] on the notorious Breached Forums leak-mart brought news of the theft. In that post an attacker named kernelware – who also cracked Acer<\/a> – claimed they had broken into Acronis, and stolen then leaked certificate files, command logs, system configurations, system information logs, archives of their filesystem, python scrips for an Acronis database, and backup configuration, plus oodles of screenshots of backup operations.<\/p>\n

Kernelware stated although the $120 million company is in the data protection and infosec business, it had \u201cdogshit security,\u201d and that the hacker was bored, so decided to \u201chumiliate\u201d the biz. The archive shared by Kernelware held a total of 12.2GB of stolen files.<\/p>\n

Acronis security boss Kevin Reed took to LinkedIn<\/a> to dispute details of the boasted intrusion.<\/p>\n

Acronis has both tweeted<\/a> and told The Register<\/i> that no Acronis products were affected or exploited. Instead, someone got hold of an Acronis customer’s account login info and used that to siphon off their files, we’re told.<\/p>\n