In a second data breach in a matter of months, a hacker group claims to have accessed over 60 gigabytes of data from technology company Acer’s India servers.
Hackers say they stole over 60GB of data from technology company Acer’s servers in India, which includes individual customer information, corporate customer data, information about accounts that are sensitive, and financial data. The hackers also claim they got access to login details for 3,000 Acer retailers and distributors in India.
“We have attacked and breached Acer India servers,” a hacker going by the name of Desorden stated in a forum. “We have stolen over 60GB of files and databases from their servers.” Desorden added that this include’s customers’ data, customer, corporate accounts and financial information. He added that “Affected customer data are in the millions.” This doesn’t include emails yet.
Acer India has found that their local after-sales service system has been hacked. This occurred back in June, and upon detection, Acer immediately send team of specialists to investigate the process, analyze evidence of use and implement security protocols. Further details will be updated to all potentially affected customers in India. Confirms by Acer spokesperson.
The incident has been reported to local law enforcement, the Indian Computer Emergency Response Team, and has no material impact to our operations and business continuity. We are currently working with law enforcement officials to trace this source of the compromise, the company confirms.
Desorden stated that the alleged breach had affected users from India. The company had verified Acer’s data that a breach had indeed occurred and a country-wide investigation was being carried out into who might be behind it.
The researchers at Privacy Affairs have examined the data sets that were released by the hackers who claimed to have stolen the personal credentials of people.
We looked through some of the data set and found customer records that appear to be authentic. We are currently in communication with our legal department. I can confirm that at this time we are reporting this incident to all applicable law enforcement agencies.
Miklos Zoltan, CEO of PrivacyAffairs
In March, a ransomware attack by the REvil group led to a data breach at Acer, with the demands for a ransom of $50,000,000. The data breach was discovered and contained. Following this discovery and containment, computer experts worked hard to limit the spread and harm of any potential damage caused by the attack. It was initially denied that any of their servers had been breached.
Ransomware is a very serious threat to the security of any company, so it’s important to have necessary measures in place. It is unclear whether Desorden demands payment from ABX Express, but they did access over 200 GB data from their Malaysian servers recently.