Acer Confirms Second Security Breach

Another cybersecurity breach has occurred at Taiwanese computer manufacturer Acer.

Earlier this year, the company suffered a $50m ransomware extortion attempt after falling prey to the REvil ransomware group in May.

In this latest incident, the computer maker initiated its security protocols after detecting an attack on the section of its after-sales service system that is based in India. 

Prior to Acer’s confirmation of the breach, hackers claimed to have stolen more than 60 GB of the company’s data. On the underground cybercrime forum RAID, threat actors calling themselves Desorden posted a sample of the allegedly stolen data that appeared to show information belonging to 10,000 Acer customers.

Desorden also posted a video showing more files and databases that the group claims to have exfiltrated from Acer.

The threat actors wrote that the stolen data includes “customer, corporate accounts and financial data,” and that “affected customer data are in the millions.”

Desorden claims to have stolen the login details of at least 3,000 Acer retailers or distributors.  

“We have recently detected an isolated attack on our local after-sales service system in India,” said Steven Chung, Acer Corporate Communications, in a statement to the media. 

“Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India.” 

Acer added that the incident had been reported to local law enforcement and the Indian Computer Emergency Response Team.

The company said that the incident “has no material impact to our operations and business continuity.”

The breach isn’t the first to hit Acer’s India operations. In 2012, Maxney from the Turkish hacker group known as Ajan breached six Acer India sub-domains, defacing landing pages and stealing 15,000 user credentials.

“Ransomware attacks are evolving, targeting next-gen applications like Kubernetes and Microsoft 365,” said Andy Fernandez, senior manager, product marketing, Zerto. “As the adoption of cloud applications grows, so will exploits and attacks and in turn the importance of restoring data.” 

He added: “Modern organizations that are responsible for that data will need to have native data protection solutions that can help them protect internal applications and applications shipped using containers.”

Leave a Reply