One main great thing about the Internet is that it facilitates communication and ease of access to information. The Internet has become an essential part of our lifestyles, and people use it for a variety of purposes, including for making online purchases and acquiring products without having to visit brick and mortar stores. Evidently, these practices require users to provide online retailers with personal and credit card information, which is generally safely stored on secure databases. However, no system is perfect, in computing or otherwise, and hackers are always on the lookout for vulnerabilities they can exploit in order to acquire sensitive data for malicious purposes. In recent news, one of the latest cyber-attacks to come to light was directed at Acer. In a letter sent by Acer to California’s Attorney General earlier this week, the Taiwanese tech giant revealed that hackers have managed to exploit an unspecified security issue, allowing them to collect customer (personal) information from the company’s e-commerce website.
According to the letter, hackers have been able to steal personal information from a large number of customers who have used the company’s e-commerce site between May 12, 2015, and April 28, 2016. An Acer spokesperson revealed that the hackers were able to acquire personal information from roughly 34,500 customers located in the US, Canada, and Puerto Rico. The sensitive information potentially includes customer names, addresses, as well as credit card three-digit security codes and expiration dates. Worryingly enough, this type of data can technically be used for credit card fraud, but on the brighter side of things, Social Security numbers are not collected by Acer and the company also mentioned that they have not yet identified any evidence to suggest that login credentials and / or passwords have been affected by the security breach.
Acer instructs customers who suspect that they are victims of fraud or identity theft to file a police report, and / or contact the US Federal Trade Commission or the State Attorney General’s office and ask for help on how to manage the problem. Meanwhile, Acer says that they took “immediate steps to remediate this security issue upon identifying it” and are assisted by outside cybersecurity experts. They also offered their cooperation to federal law enforcement and have reported the problem to their credit card payment processor. These events took place weeks after 117 million leaked LinkedIn passwords went up for sale, and not long after some of Mark Zuckerberg's social media accounts were hacked due to the same aforementioned LinkedIn security breach.