Acronis has been hit by a major data breach, but the company has played down the severity, saying only some customer credentials were affected and it hopes its systems remain unaffected.
Earlier this week, a threat actor dubbed “kernelware” posted a thread on the infamous Breached forum in which they claimed to have breached Acronis and leaked over 12GB of data as evidence.
The leak contains “various certificate files, various command logs, system configuration, system info logs, filesystem archives, python scripts for the maria.db database, backup configuration contents, numerous screenshots of backup operations.”
boring attack
Threat actors say the breach’s sole motivation is boredom, and the company’s endpoints (opens in a new tab) There is “dogsh*t security”. “So I decided to shame them. Simple as that,” read the thread. While some users requested a more detailed analysis of how the attackers succeeded, the kernel software decided not to share any details.
However, Acronis reached out to the press and social media, claiming that none of its products were affected. In a response to a tweet, the company said “specific credentials” used by a single customer to upload diagnostic data to Acronis servers were compromised.
“No Acronis products are affected. Our customer service team is currently working with this customer.”
While this most likely isn’t a deal breaker for Acronis, the fact remains that customers haven’t bothered to use multi-factor authentication (MFA) to secure their accounts.
MFA is widely considered the industry standard for cybersecurity and one of the most recommended methods. With MFA, users also need to receive a one-time password to log in. This code can be received via SMS, a mobile application such as Google Authenticator, or a hardware token.
Skeleton keys have also emerged as a viable alternative to passwords in the last year.
pass: register (opens in a new tab)
