Posted on October 29, 2021 at 9:08 PM
Taiwanese tech giant Acer has suffered a cyberattack, which is the second hacking incident the company has endured within a few weeks.
Desorden, the hacking group claiming to be behind the attack, stated that the data it accessed included financial data, sensitive financial information, sensitive account information, corporate personal data, as well as personal customer information.
To back up their claims, the hackers posted a video with a file containing data of 10,000 Indian customers. In the previous attack, the threat actors also claimed to have acquired 3,000 sets of login credentials belonging to Acer distributors and its retailers across India.
This time, the same hacking group responsible for the Indian hack advertised 60GB of data on a darknet forum, claiming to be evidence of their loot.
Investigation Into The Incident Is Ongoing
In response to the news, Acer acknowledged the attack on its website. The tech giant stated that there was “an isolated attack” on its local after-sales service system in Taiwan after a similar attack on India’s server.
The company added that shortly after detected, it deployed security protocols to limit the overall impact of the attack on their systems. The security team also conducted a complete scan of its systems, although the attack in Taiwan doesn’t include customers data.
Acer also said it has taken the vulnerable servers offline to curtail the impact. The firm also said law enforcement authorities have been notified about the attack and investigation into the issue is ongoing.
Acer Claims The Cyberattack Didn’t Affect Its Operations
Acer said the recent cyber attack did not have any impact on its business or operations, as sensitive data were untouched.
Vice President at Cerberus Sentinel, Chris Clemens, stated that despite the increased security checks by organizations, securities breaches are inevitable in some cases. However, in most cases, a security breach is a result of symptoms of deep systematic organizational issues around security response, monitoring, and protection.
The Desorden hacking group has taken responsibility for both hacking incidences in India and Taiwan.
Also, the group claims that Acer’s servers in Indonesia and Malaysia are vulnerable because the firm had not taken cybersecurity very seriously. The threat group added that they no longer have access to the company’s server in India.
As stated before, this is not the first time Acer has suffered an attack this year. The tech giant’s server in India was recently hit by a cyberattack by the same hacking group.
And in March, the company suffered a REvil ransomware attack, where the threat actors demanded a $50 million ransom before they will release the stolen data.
Acer negotiated with the group, offering $10 million, but the hackers rejected the amount. It’s not clear whether Acer recovered the data by paying the full ransom.
The company has also suffered hacking attacks in the past, such as the 2012 cyber-attack where 20 user credentials were stolen.
In the latest attack, the Desprden threat group responsible for the breach said its goal was to make a statement regarding Acer’s poor cyber security framework.
Unlike the ransomware attack on the company’s servers in March, the Despoden group did not demand any ransomware payment in exchange for the return of the stolen data. However, it’s not clear whether the data has been released.
Acer Advised To Beef Up Its Security Network
Security Solutions Architect at Swimlane, Nick Tausek, complained about the vulnerability of Acer servers. He stated that companies that experience frequent cyber attacks must consider the exposure of their data as well as the security of their businesses. When important IT infrastructure and servers are forced offline, it affects the day-to-day operations of the business, he reiterated.
Tausek noted that companies suffer an average loss of $5,600 per minute for cist of IT downtime. This could translate into a huge amount of loss if the downtown goes on for hours. Additionally, the reputation of the affected company also suffers. As a result, Tausek has advised Acer and other companies to take the security of their data and server more seriously, since attacks are capable of crippling their operations.
The Desorden hacking group is not unknown in the cyber threat world. The group was also responsible for the theft of 200GB of data in the ABX Express cyberattack in Malaysia. The group operates by threatening to sell their loot to the highest bidder on the darknet if the owner of the data did not pay a ransom.