Computer maker Acer recently revealed to California’s Attorney General (AG) that hackers broke into the company’s online store and grabbed sensitive customer data. The leaked data includes information such as customer names, addresses, and credit card numbers including expiry dates and three-digit CVC security codes. The hack affects 34,500 customers based in the United States, Canada, and Puerto Rico, as first reported by ZDNet, which Acer later confirmed to PCWorld.
It’s not clear how the hackers got in to Acer’s servers. The company has only said it was the result of an unspecified “security issue.” What we do know, however, is that the hackers obtained nearly a year’s worth of data stretching from May 12, 2015 to April 28, 2016, according to an Acer form letter submitted to California’s AG.
Acer told PCWorld the data was stolen because the company “inadvertently stored [the stolen consumer data] in an unsecured format.” As a result, Acer said hackers were able to access the sensitive data “for customers who made a purchase on the site [between May 12, 2015 and April 28, 2016].”
The impact on you at home: Acer’s breach is particularly problematic because it affects key information that allows hackers to do actual damage. Your name, address, credit card number, expiry date, and CVC code is exactly the data you need to commit credit card fraud. Luckily, the hack affects just a small segment of online shoppers. But it goes to show that no matter how careful you are with data on your own PC, some hacks are simply beyond your control.
This story was updated at 8:26 AM Pacific Time on June 20, 2016 with additional information from Acer.
Sign up for CIO Asia eNewsletters.