Three days after breaching Acer India, the hacker group Desorden announced on October 16 that it had now hacked and breached Acer Taiwan, releasing sensitive employee information.
More bad news for computer hardware manufacturer Acer after a hacker group announces another breach against the company.
The hacker group Desorden announced today (October 16) that it had hacked Acer Taiwan and found vulnerabilities in its Malaysian and Indonesian networks as well.
Desorden contacted Privacy Affairs regarding the new hack.
This morning we received the following email:
We have reached out to Acer after being notified of this new hack.
Update: On October 18, Acer spokesperson Steven Chung confirmed the attack to Privacy Affairs.
Chung gave the following statement:
“We have recently detected an isolated attack on our local after-sales service system in India and a further attack in Taiwan. Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India, while the attacked Taiwan system does not involve customer data. The incident has been reported to local law enforcement and relevant authorities and has no material impact on our operations and business continuity.”
The hackers also announced the above on a known hacker forum. The hackers allege that they did not steal all the available data on the server and only took data about Acer employee details.
The hackers claim that immediately after the breach, they notified Acer management, and Acer has since taken the affected server offline.
Samples were provided of the alleged hack showing internal documents and sensitive employee information.
The samples show data from as recent as October 14, indicating that the alleged hack took place sometime around this date.
The released information appears to include login information, including passwords to some of Acer’s Taiwanese servers and internal admin panels.
The hackers are also alleging that they managed to find vulnerabilities in Acer’s Malaysian and Taiwanese servers too.
Desorden claims that they carried out the hack to “prove our point that Acer is a global network of vulnerable servers.”
When asked about their motivations, Desorden told Privacy Affairs that their hacks are financially motivated.
This new hack comes just three days after the previous one, where Desorden managed to breach Acer India.
Privacy Affairs was the first to break the story on October 13, when hackers announced they breached Acer India and released sensitive personal information of several million Acer customers from India.
Acer spokesperson Steven Chung confirmed the October 13 hack to Privacy Affairs via email.
We have reached out again to Acer regarding this newest alleged hack. We will update this story as new details emerge.
Check out our detailed investigation into dark web prices for more info.
We believe security online security matters and its our mission to make it a safer place.