Computer maker Acer recently revealed to California’s Attorney General (AG) that hackers broke into the company’s online store and grabbed sensitive customer data. The leaked data includes information such as customer names, addresses, and credit card numbers including expiry dates and three-digit CVC security codes. The hack affects 34,500 customers based in the United States, Canada, and Puerto Rico, as first reported by ZDNet.
It’s not clear how the hackers got in to Acer’s servers. The company has only said it was the result of an unspecified “security issue.” What we do know, however, is that the hackers obtained nearly a year’s worth of data stretching from May 12, 2015 to April 28, 2016, according to an Acer form letter submitted to California’s AG. It’s unknown if the hackers were in the system for that length of time or if that’s the amount of saved data Acer had on its servers at the time of the hack.
It’s also unknown if the credit card data was encrypted when it was stolen. We’ve reached out to Acer about this issue and will update this story should the company respond.
The impact on you at home: Acer’s breach is particularly problematic because it affects key information that allows hackers to do actual damage. Your name, address, credit card number, expiry date, and CVC code is exactly the data you need to commit credit card fraud. Luckily, the hack affects just a small segment of online shoppers. But it goes to show that no matter how careful you are with data on your own PC some hacks are simply beyond your control.
This story, "Massive Acer security breach exposes highly sensitive data of 34,500 online shoppers" was originally published by PCWorld.