The CISO of Swiss cybersecurity agency Acronis has acknowledged a breach of the corporate’s techniques however acknowledged the incident solely impacted a single buyer and that each one different knowledge stays secure.
A Thursday post [PDF] to the infamous Breached Boards leak-mart introduced information of the breach. In that publish an attacker named kernelware – who additionally cracked Acer – claimed he/she had hacked and leaked certificates recordsdata, command logs, system configurations, system data logs, archives of their filesystem, python scrips for an Acronis database, backup configuration and oodles of screenshots of backup operations.
Kernelware acknowledged that though the $120 million firm is within the knowledge safety and infosec enterprise, it had “dogshit safety” and the explanation for the breach was that the hacker was bored, so determined to “humiliate” them.
The archive posted by kernelware held a complete of 12.2 GBs price of recordsdata.
Acronis CISO Kevin Reed took to LinkedIn to dispute particulars of the hack.
Acronis LinkedIn breach response – Click on to enlarge
Acronis has each tweeted and informed The Register that no Acronis product have been affected.
“On March 9, a publish on BreachedForums talked about Acronis. We instantly began the investigation. The investigation confirmed that no Acronis merchandise have been affected. Nevertheless, based mostly on the data we now have, the credentials utilized by a selected buyer to add diagnostic knowledge to Acronis Help have been compromised. We’re working with that buyer and have suspended account entry as we resolve the problem,” Acronis informed The Reg by way of e mail.
“We proceed to analyze and can present updates if any new data is found,” the corporate spokesperson added. ®
