Summary

Acer the Taiwanese electronic technology giant disclosed that its after-sales service systems in India was recently breached. “We have recently detected an isolated attack on our local after-sales service system in India. Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India. The incident has been reported to local law enforcement and the Indian Computer Emergency Response Team and has no material impact to our operations and business continuity.” Steven Chung, Acer Corporate Communications

According to Gartner Acer is the world’s 6th largest vendor on hardware and electronics. They have employees around 40 countries and approximately 7000 employees are working under Acer.

Even though Acer have not confirmed on the breach threat actors called Desorden claim that they have stolen over 60GB of files and databases from their servers on the underground forum RAID. Desordern has posted samples of 10,000 customers details, over 3000 login details and video with some more files.

Acer also was a victim of the ransomware attack by the REvil ransomware group in March 2021 where a ransom of $50 million was demanded. This was reported as the largest ransom at that time. Back in 2012 20,000 user details has stolen by a Turkish Ajan Hacker Group. Therefore, this is the second time the Acer India’s network has been breached by a threat group.

References

• https://therecord.media/acer-confirms-second-security-breach-this-year/
• https://www.bleepingcomputer.com/news/security/acer-confirms-breach-of-after-sales-service-systems-in-india/