Acer has confirmed a data breach on its after-sales systems in India. The company said that this was an isolated attack, and the appropriate authorities had been informed.
“Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India,” an Acer Corporate Communications spokesperson told BleepingComputer.
The attack has been reported to local law enforcement and the Indian Computer Emergency Response Team.
So far, a threat actor has claimed responsibility for the breach and posted on a popular forum that they stole more than 60GB of data from Acer’s servers. The files include client, corporate, financial data, and login details of various retailers and distributors for Acer in the country.
The hacker group calling itself DESORDEN posted a video with files and databases containing records of 10,000 customers and credentials for over 3,000 Acer authorized distributors and retailers in India.
This is the second time that Acer has fallen victim to a data breach this year. The first data breach, carried out by REvil, managed to access the company’s financial records and bank accounts details. They then held the company for a $50 million ransom.
The attack took advantage of a vulnerability in the Microsoft Exchange Framework to get into Acer’s servers.
The $50 million ransom was the highest demanded before REvil took down Kaseya and demanded a $70 million ransom for a decryptor.
Kaseya provides software tools to IT outsourcing offices and puts more than 1500 businesses worldwide at risk.