Massive Acer security breach exposes 34,500 online shoppers
Computer maker Acer recently revealed to California’s Attorney General (AG) that hackers broke into the company’s online store and grabbed sensitive customer data. The leaked data includes information such as customer names, addresses, and credit card numbers including expiry dates and three-digit card verification codes (CVCs). The hack affects 34,500 customers based in the United States, Canada, and Puerto Rico, as first reported by ZDNet.
It’s not clear how the hackers got in to Acer’s servers. The company has only said it was the result of an unspecified security issue. What is known is that the hackers obtained nearly a year’s worth of data stretching from 12 May 2015 to 28 April 2016, according to an Acer form letter submitted to the AG. It’s unknown if the hackers were in the system for that length of time or if that’s the amount of saved data Acer had on its servers at the time of the hack.
It’s also unknown if the credit card data was encrypted when it was stolen.
Acer’s breach is particularly problematic because it affects key information that allows hackers to do actual damage. Your name, address, credit card number, expiry date, and CVC code is exactly the data you need to commit credit card fraud. Luckily, the hack affects just a small segment of online shoppers. But it goes to show that no matter how careful you are with data on your own PC some hacks are simply beyond your control.