Acer has just confirmed that its servers were beached by a group of hackers called Desorden. The hackers managed to steal over 60 gigabytes worth of data containing sensitive information about millions of Acer’s customers.
The compromised information includes the names, addresses, and phone numbers of several million clients, but also restricted corporate financial data.
The hack was recently reported by the hackers themselves and was later confirmed to be true by Acer. Desorden has managed to breach Acer’s servers in India and obtain massive amounts of data. The data consists of both consumer and corporate accounts. According to Desorden, the “affected customer data are in the millions.”
As proof of the data breach, the hacker group published over 10,000 accounts of private customer data. The remaining data will be put for sale, and the post has already gathered some interest from potential buyers. The hackers haven’t made it clear whether they wish to sell the data on the underground market, or they simply want Acer to pay a ransom for it.
According to Acer, the company has immediately instated security measures and performed a full scan of its systems. The attack affected Acer’s local after-sales service system in India. The company has then started notifying all potentially affected customers. In a statement made to Privacy Affairs, Acer claims that this incident will have no impact on its business continuity. That is most likely true, but it’s certainly bad timing for the brand, as this is the second major data breach it suffered just this year.
Earlier this year, Acer’s servers fell victim to a ransomware attack conducted by the hacking group called REvil. The stolen data was all sensitive, including bank balances, bank communications, and other financial information.
REvil demanded $50 million paid in XMR (a cryptocurrency) as a ransom for the stolen data. Acer hasn’t commented on the situation beyond admitting to “abnormal situations being observed” during the time of the attacks. This data breach was, in fact, the largest known ransom demand to date.
Aside from the two hacking incidents, it has been a successful year for Acer. The company has recently started selling laptops with Windows 11 pre-installed, and it was among the first brands to do so. It’s also getting ready to start selling what might potentially become the best gaming monitor ever, the Acer Nitro XV2.
One data breach is bad enough, but to suffer from a second one in the same year is a true disaster for Acer. Even more so, it’s a disaster for its customers. Unfortunately, companies of Acer’s caliber are often under attack, and it seems that in 2021, at least two of these attempts were successful. It’s definitely a sign that a tightening of security measures might be necessary for Acer.