Acer India has reportedly confirmed that its after-sales service systems in the country have been breached. According to Bleeping Computer, the threat actor has already claimed the attack on a popular hacker forum, saying that data amounting to roughly 60GB has been compromised. The allegedly stolen data includes client, corporate, and financial information as well as login details belonging to Acer retailers and distributors from India. Earlier this year, Acer had again faced a cybersecurity issue where a hacker group demanded $50 million in ransom. The same publication had spotted the attack and noted hackers may have gained access to Acer’s network via a Microsoft vulnerability.
The cause of the current cyber attack remains unclear, and the Taiwanese PC maker is yet to share information officially. However, the company confirmed the issue to Bleeping Computer and called it “an isolated attack.” A spokesperson added that Acer had alerted Indian Computer Emergency Response Team, and the cyber attack does not affect its operations and business. “Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India,” an Acer Corporate Communications spokesperson was quoted as saying. News18 has also reached out to Acer India for clarification, and the story will be updated following a response.
The unidentified threat actor has reportedly provided a video showcasing the stolen files and databases. It also contains records of 10,000 customers and stolen credentials for 3,000 Indian Acer distributors and retailers.
Earlier this year, the REvil hacker group was allegedly responsible for carrying out the first cyberattack on Acer servers. The same hacker group carried out a ransomware attack on Travelex last year. The same ransomware gang has been targeting major organisations around the world, stealing their data and listing them on a dark web marketplace. The REvil hacker group used to operate a dark web marketplace called Happy Blog where it sold exploited data.