Taiwanese hardware manufacturer Acer has been hacked for the second time in recent weeks. The attack was claimed by the same hack group that launched the first attack last week. The cybercriminals claim that other regional divisions of the company are also vulnerable.
Let me remind you that the first attack became known last week, when the Desorden hack group announced that it had stolen more than 60 gigabytes of data from Acer. The announcement of the sale of information appeared on the well-known RAID hacker forum. According to the seller, the dump was obtained after hacking the company’s Indian servers and contained corporate, financial and audit documents, details of millions of customers, as well as credentials of Acer retailers and distributors.
To prove their words, the attackers provided samples of the stolen data, as well as a video showing the rest of the files. Acer representatives eventually confirmed the hack and noted that the attack only affected the local after-sales service system in India.
But, as it turned out, not only the Indian division of the company was vulnerable to attackers. Reporters Bleeping Computer report that contact them Desorden representatives and declared that October 15, 2021, they also broke the Taiwanese division of Acer and stole information about the products and employees of the company. The hackers say they carried out the attack to prove that Acer is still vulnerable.
The hackers provided the publication with screenshots of the internal Taiwanese portal Acer, as well as CSV files containing employee credentials.
“We did not ask for a separate payment for breaking into the Taiwan branch. This should prove our point of view that Acer is neglecting cybersecurity, ”the attackers say.
Although Acer employees have already shut down the vulnerable Taiwanese server, hackers say other servers in Malaysia and Indonesia are still vulnerable.
Acer representatives confirmed to reporters that the hack group is not lying, and the hack did take place. This time, it is emphasized that the leak affected only employee data, but not customer information.
Catch up on more stories here
Follow us on Facebook here