Hackers leak 21 GB of data
The hacker behind the breach of the online security and cloud protection service provider is the same person behind the recent Indian HDFC bank and Acer breaches.
Editor's note: This article has been updated with an exclusive, confirmation statement from Liquid Web.
A Swiss technology and cybersecurity company, Acronis, has been hit by a data breach, with over 21GB of files and folders leaked by a hacker known as Kernelware.
The mass of data was posted on the Breach Forums on Thursday, March 9, 2023, without any login information being leaked. The hacker, who was also behind it recently Indian HDFC bank and Acer switchesclaimed to have breached Acronis because “they were bored and wanted to humiliate the company.”
According to Kernelware, the leaked data includes various certificate files, command logs, system configurations, system information logs, archives of their file system and python scripts for their maria.db database, backup configuration stuff, and tons of screenshots of their backup operations.
Hackread.com also analyzed the leaked data and it can be confirmed that no login credentials were leaked in the breach. However, several files and folders showed internal images and logs from Lansing, Michigan-based web hosting company Liquid Web.
Liquid Web was informed by Hackread.com and is investigating the leak. On the other hand, Acronis’ CISO, Kevin Reed, confirmed the incident in a LinkedIn postswhich states that “Based on our investigation so far, the credentials used by a single specific customer to upload diagnostic data to Acronis Support have been compromised.”
Update: 22:32 Friday 10 March 2023 – GMT.
Liquid Web provided an exclusive statement to Hackread.com, saying that on March 9, the company became aware of a breach in which Acronis’ support server, which contains information about Liquid Web, was compromised and data was downloaded.
Acronis notified us on March 9 that their support server containing information about Liquid Web was compromised and data was downloaded. Working with Acronis, we have confirmed that this server was used only for troubleshooting and that no Liquid Web customer credentials, files or databases were breached.
Reed claimed that no other systems or credentials have been affected by this incident. The company has not found evidence of other successful attacks and the leaked data is limited to the folder of the affected customer.
In a comment to Hackread.com, Matt Rider, VP of Security Engineering EMEA at Exabeam said “This news reinforces the importance of making sure all bases are covered when it comes to cybersecurity, as this leak was the result of only a single employee’s credentials being compromised.”
Matt emphasized that “it is important to find an intruder quickly to stop them in their tracks, but most organizations struggle to know when legitimate credentials have been compromised. This is because it is impossible to detect abnormal use of credentials unless you have already established what is normal.”
This incident and others recent cyber security incidents serve as a reminder of the importance of cyber security measures for businesses and organizations. As technology continues to evolve, the threat of cyber attacks has become more widespread and the consequences can be severe, including financial loss, reputational damage and legal liabilities.
Businesses must take proactive steps to protect their data and systems by implementing robust cybersecurity measures, such as regular security assessments, employee training, network monitoring and incident planning. It is also crucial to stay up-to-date with latest cyber security trends and best practices for addressing emerging threats.
Furthermore, individuals also play an important role in preventing cyber security incidents by being vigilant about online activities, using strong passwords and keeping software and systems up to date. Overall, it is important to acknowledge the seriousness cyber security threats and take necessary precautions to prevent and reduce their consequences.
- Chinese hackers hit cybersecurity firm Group-IB
- Cyber security firm reveals 5b data breach records
- Cyber security firm Stormshield was breached; data stolen
- Cybersecurity firm CloudSEK blames rival for breach
- The world’s leading cyber security firm Kaspersky hacked