Acer suffers a second data breach in a week

Tech giant Acer was hacked again in a few days, after the compromise of the servers in India, threat actors also breached some of its systems in Taiwan.

Tech giant Acer was hacked twice in a week, the same threat actor (Desorden) initially breached some of its servers in India, now it is claiming to have also breached some systems in Taiwan.

Last week the company revealed that its after-sales service systems in India were hit by an isolated attack.

The incident was disclosed after threat actors have advertised the sale of more than 60 GB of data on an underground cybercrime forum.

The threat actors now claim to have breached the servers of Acer Taiwan on October 15th and have stolen internal data, including employee and product information.

Desorden compromised Acer for the second time in less than a week to demonstrate that the company is still exposed to cyber attacks to its negligence, he also claims that other servers in Asia of the company are still vulnerable.

In response to the intrusion, Acer Taiwan took down the compromised server.

“We have recently detected an isolated attack on our local after-sales service system in India and a further attack in Taiwan. Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India, while the attacked Taiwan system does not involve customer data. The incident has been reported to local law enforcement and relevant authorities, and has no material impact to our operations and business continuity.” reads the statement issued by the Tech giant.

This is the third time ACER suffered a security breach, in March the computer giant was hit by REvil ransomware operators that compromised its systems and requested the record $50,000,000 ransom.

While the threat actors claimed to have obtained information on customers, login credentials for retailers and distributors, and corporate and financial documents, the company pointed out only employees’ data was exposed.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.