Acer hacked twice in per week by the identical risk actor

Acer has suffered a second cyberattack in only a week by the identical hacking group that claims different areas are susceptible.

Final week, risk actors often called ‘Desorden’ emailed journalists to say they hacked Acer India’s servers and stole information, together with buyer data.

Acer later confirmed the breach however acknowledged it was an “remoted assault,” affecting solely their after-sales service programs in India.

Lower than per week later, Desorden emailed BleepingComputer to say they breached Acer Taiwan’s servers on October fifteenth and stole worker and product data.

Additionally they shared photographs of an inside Acer Taiwan portal and CSV recordsdata containing login credentials for Acer workers.

The risk actors informed BleepingComputer that they carried out the assault to show that Acer remains to be susceptible.

“We didn’t requested for separate fee on the taiwan breach. it was meant to show our level that Acer has uncared for their cybersecurity.” – Desorden.

Acer Taiwan took down the susceptible server quickly after the risk actors reported the breach to the corporate. Nonetheless, the hacking group states that different servers in Malaysia and Indonesia are nonetheless susceptible.

Yesterday, Acer confirmed the assault in an announcement to BleepingComputer and stated the Taiwan breach solely concerned worker information.

“We’ve not too long ago detected an remoted assault on our native after-sales service system in India and an extra assault in Taiwan. Upon detection, we instantly initiated our safety protocols and carried out a full scan of our programs. We’re notifying all doubtlessly affected clients in India, whereas the attacked Taiwan system doesn’t contain buyer information. The incident has been reported to native legislation enforcement and related authorities, and has no materials affect to our operations and enterprise continuity.” – Acer.

Along with these two breaches, Acer suffered one other cyberattack in March 2021 after the REvil ransomware gang encrypted their community and demanded a $50 million ransom.

Desorden has a previous historical past of performing company breaches and leaking information if a ransom isn’t paid.

In September 2021, Desordern claimed to have breached ABX Categorical, a subsidiary of Kerry Logistics, and stolen 200 GB of information, together with clients’ private data.

Supply hyperlink

Previous post BMW 3 Collection EV to interrupt cowl in 2025, will likely be based mostly by Neue Klasse platform
Next post Forward of Goa’s 2022 polls, alliance talks warmth up, however Congress stays ‘susegad’