Hacker Puts Another Batch of 26 Million Accounts for Sale on the Dark Web
Last updated September 28, 2021
Acer, the popular Taiwanese multinational hardware and electronics company, has been hacked by the hacker Group Desorden. The actors announced the breach on a dark web forum and published a sample of 10,000 sensitive details as proof, allowing Acer to verify the data is authentic. On October 14, Acer confirmed. This server breach seems to have occurred on October 5, 2021.
Desorden announced in a forum post that they had breached the company’s Indian servers hosting their "acer.co.in" website, claiming they stole 60 GB worth of data from these servers. The stolen data included sensitive customer details, corporate operations, and financial audit data, but also login details of Acer retailers and distributors. Privacy Affairs, the publication that first released the story, checked the data authenticity by contacting some compromised clients.
According to a statement by Acer spokesperson Steven Chung, the attack was an isolated breach of the company’s after-sales service system in India. The company launched its security protocols immediately upon upgrade and conducted a complete scan. They have moved to inform all potentially affected clients across India, as well, and reported the incident to local law enforcement, including the Indian Computer Emergency Response Team. Chung also stated the breach had no impact on their ongoing operations.
The Desorden hacker group is also linked with other cybersecurity attacks. They claimed to have stolen 200 GB of data from the Malaysian division of ABX Express Enterprise on September 23, 2021. They also hacked SkyNet.com.my Malaysia Logistics and sold the personal data of millions of clients. They also hacked into the Singaporean division of the ProTemps’ website, a recruitment and HR company.
This is the second major attack suffered by Acer in 2021. The first one was a major ransomware attack perpetrated by REvil, where the cybercriminals demanded $50 million in ransom.