Acer hacked twice in every week by the identical menace actor



Acer has suffered a second cyberattack in only a week by the identical hacking group that claims different areas are weak.
Final week, menace actors often known as ‘Desorden’ emailed journalists to say they hacked Acer India’s servers and stole knowledge, together with buyer data.
Acer later confirmed the breach however acknowledged it was an “remoted assault,” affecting solely their after-sales service techniques in India.
Lower than every week later, Desorden emailed BleepingComputer to say they breached Acer Taiwan’s servers on October fifteenth and stole worker and product data.
Additionally they shared photos of an inside Acer Taiwan portal and CSV information containing login credentials for Acer staff.
The menace actors informed BleepingComputer that they carried out the assault to show that Acer continues to be weak.

“We didn’t requested for separate fee on the taiwan breach. it was meant to show our level that Acer has uncared for their cybersecurity.” – Desorden.

Acer Taiwan took down the weak server quickly after the menace actors reported the breach to the corporate. Nonetheless, the hacking group states that different servers in Malaysia and Indonesia are nonetheless weak.
Yesterday, Acer confirmed the assault in an announcement to BleepingComputer and stated the Taiwan breach solely concerned worker knowledge.

“We now have just lately detected an remoted assault on our native after-sales service system in India and an extra assault in Taiwan. Upon detection, we instantly initiated our safety protocols and carried out a full scan of our techniques. We’re notifying all doubtlessly affected prospects in India, whereas the attacked Taiwan system doesn’t contain buyer knowledge. The incident has been reported to native legislation enforcement and related authorities, and has no materials influence to our operations and enterprise continuity.” – Acer.

Along with these two breaches, Acer suffered one other cyberattack in March 2021 after the REvil ransomware gang encrypted their community and demanded a $50 million ransom.
Desorden has a previous historical past of performing company breaches and leaking knowledge if a ransom shouldn’t be paid.
In September 2021, Desordern claimed to have breached ABX Specific, a subsidiary of Kerry Logistics, and stolen 200 GB of information, together with prospects’ private data.