Taiwanese computer maker Acer suffered a second cyber attack in just a week by the same hacking group, which it said was just as vulnerable to the rest of Acer.
Last week, a group of hackers known as “Desorden” posted on forums that they had hacked into Acer India’s servers and stole data, including customer information. Acer later confirmed the breach, but said it was an “isolated attack” that only affected its after-sales service system in India.
Less than a week later, Desorden told the media that they hacked Acer’s servers in Taiwan’s headquarters on October 15 and stole employee and product information. They also shared images of Acer’s internal portal in Taiwan and a CSV file containing login credentials for Acer employees.
The hacker group said they carried out the attack to demonstrate that Acer remains vulnerable.
“We did not ask Acer to pay separately for this breach. This is to prove our point that Acer ignored their cybersecurity.” -Desorden.
Acer shut down vulnerable servers in Taiwan shortly after the hacker group notified Acer of the vulnerability. However, the hacker group said other Acer servers in Malaysia and Indonesia remained vulnerable.
Yesterday, Acer confirmed the attack in a statement to foreign media, saying that the intrusion against Acer Taiwan only involved employees and not customer data.
“We recently detected an isolated attack on our local after-sales service system in India and further attacks in Taiwan. Upon detection, we immediately initiated security protocols and conducted a full scan of our systems. We are informing all potentially affected Indians customers, and the attacked Taiwan system did not involve customer data. The incident has been reported to local law enforcement and authorities and has no significant impact on our operations and business continuity.” – Acer.
In addition to these two breaches, Acer was hit with a ransomware attack in March 2021, with the REvil ransomware gang encrypting their networks and demanding a $50 million ransom.
If the ransom is not paid, both data will be exposed because Desorden has a history of leaking data from hacked companies. In September 2021, Desordern claimed to have hacked into logistics company ABX Express and stole 200GB of data, including customers’ personal information.