Acer has confirmed yet another cyberattack on its servers in Taiwan after their offices in India were hit less than a week ago by the same group. The Desorden Group, which claimed responsibility for both attacks, contacted reporters and said part of why they conducted the second attack was to prove their point “that Acer is way behind in its cybersecurity effects on protecting its data and is a global network of vulnerable servers.” Acer spokesman Steven Chung told reporters that the company recently detected “an isolated attack on our local after-sales service system in India and a further attack in Taiwan. Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India, while the attacked Taiwan system does not involve customer data.” He also added that “the incident has been reported to local law enforcement and relevant authorities and has no material impact to our operations and business continuity.” The group said it hacked Acer’s Taiwan servers that stored data on its employees and product information. “We did not steal all data, and only took data pertaining to their employee details. Right after the breach, we informed Acer management on the Taiwan server breach and Acer has since taken the affected server offline,” the group said in an email to reporters. They also added that a few other Acer servers are vulnerable as well. The group did not say how much data they stole in this attack and did not respond to questions about what its end-goal is with these breaches. Acer has had a rough year from a cybersecurity perspective, suffering a ransomware attack in March that led to a previously unheard ransom demand of $50 million. It is unclear if Acer ever paid the ransom. The attack last week on the company’s servers in India led to 60GB of files being stolen by the Desorden Group, which also claimed an attack on the Malaysian servers of ABX Express Enterprise in September.
Analyst Notes
Even though the Desorden Group claims that they did not steal any client data, only employee data, it is recommended that all clients change their login credentials in case this is not the case. Passwords should be unique to the login and be made complex using a mix of upper case, lower case, numeric and special characters.
https://www.zdnet.com/article/acer-hit-with-second-cyberattack-in-less-than-a-week-this-time-in-taiwan-offices/
