Acer suffers two breaches in a week
Summary
Acer the Taiwanese electronic technology after-sales service systems in India were compromise recently and few days after that its systems in Taiwan was breached. The same threat actor known as Desorden was hacked Acer twice in a week.
Last week the threat group Desorden claim that they have stolen over 60GB of files and databases from their Indian servers on the underground forum RAID. They also posted samples of 10,000 customers details, over 3000 login details and video with some more files. Few days after the Indian server breach the Taiwan systems was compromised. The company stated that only employee details was involved in the Taiwan breached.
Desorden stated their motive in a post, “We did not ask for separate payment on the Taiwan breach. it was meant to prove our point that Acer has neglected their cybersecurity.”
It’s reported that Desorden has breached the Acer Taiwan on October 15th, 2021, and stole employee and product information. They also state that Malaysia and Indonesia servers are still vulnerable.
Acer also release the following statement mentioning about the two incidents.
“We have recently detected an isolated attack on our local after-sales service system in India and a further attack in Taiwan. Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India, while the attacked Taiwan system does not involve customer data. The incident has been reported to local law enforcement and relevant authorities and has no material impact to our operations and business continuity.”
Acer also was a victim of the ransomware attack by the REvil ransomware group in March 2021 where a ransom of $50 million was demanded. This was reported as the largest ransom at that time. Back in 2012, 20,000 user details has stolen by a Turkish Ajan Hacker Group.
Reference