Hackers Stole 12GB of Data from Acronis

On a hacker forum, data that unknown hackers stole from Acronis was published in the public domain. Among other things, the dump contains certificate files, command logs, system configurations, and so on.

Let me remind you that the media wrote that At the Virus Bulletin conference, Acronis and Search-Lab experts spoke about a botnet consisting of TP-Link routers.

One of the first fresh leaks was noticed by the in2security Telegram channel. It is reported that behind this leak is the same attacker who put up for sale the data of the Taiwanese company Acer earlier this week.

The researchers write that the dump contains:

1. various certificate files;
2. various command logs;
3. system configurations;
4. system information logs;
5. archives of their file system;
6. python scripts for their maria.db database;
7. backup configuration;
8. many snapshots of backup operations.

Ekaterina Turtseva

Although there have been no official statements from Acronis representatives yet, Ekaterina Turtseva, Acronis Vice President for Communications, told CNews that “there is no leak.”

What kind of password was discussed, who stole it, when and from where, the company did not specify.

Acronis representatives confirmed the authenticity of the “leaked” data and explained what exactly happened. According to the company’s official Twitter, one client’s credentials used to upload diagnostic data to the Acronis support file server were compromised. It is emphasized that “no Acronis products were affected.”

According to the head of Acronis for information security Kevin Reed, work is currently underway with the affected client, and access to his account has been suspended during the investigation. Reed says the company has already provided indicators of compromise with industry partners and is cooperating with law enforcement.