Acronis security incident analysis

Acronis
Cyber Protect Cloud
for service providers

What happened?

On March 9, a post on BreachedForums mentioned that Acronis had been hacked. As this is a very serious matter, we immediately opened an investigation and found that this post was unfounded and no Acronis products had been hacked or compromised. What we did find was that the credentials used by one specific customer to upload diagnostic data to Acronis Support was compromised and made available online. A threat actor then used that information to access diagnostic data which did NOT contain private or sensitive information and was wholly outside of the Acronis system and perimeter. We worked with the customer directly, and suspended account access immediately as an added security measure.

Was Acronis hacked?

No, Acronis was not hacked. One customer’s user credentials were compromised outside of our systems.

Will other customers be affected?

No, there is no threat to other Acronis customers or their data. As a cyber protection company, we take security very seriously. No Acronis systems or networks were compromised.

What did the internet say?

False claims were posted about a breach and a data-dump of sensitive information. After a thorough investigation, all claims were completely false.

What did Acronis do about it?

Acronis has been working with our loyal channel partners and customers to share accurate information about the one user’s compromised credentials. Additionally, we have been providing guidance and factual statements to media outlets and/or reporters to ensure accurate reporting. We won’t be able to correct all online articles, but we have provided all media outlets who have covered this story or reached out to us, a factual representation of the events and the opportunity to modify their stories.

More from Acronis