Acer India breach: during the isolated attack 60GB of data got accessed

Acer confirms that after-sales service servers got breached

Acer breachedDatabases in India got accessed and hackers claim to have 60GB of customer and retailer data

Computer giant confirms that the isolated attack, as they say, resulted in breached systems but gives no further detail.[1] Taiwanese computer firm got the system accessed by the remote attacker before, but it is not identified if the two breaches are related.[2] The hacker group claimed to have 60GB of data stolen from Indian servers.[3]

The company has already managed to ensure the best security, so the issue is controlled. Once the breach was detected, security protocols got initiated, and the system got thoroughly checked. Possibly affected customers in India should be informed, according to the officials.

The company has not confirmed any details and stayed away from commenting, but the allegedly responsible hackers claimed to have stolen all this data. The group bragged about having stolen files from the databases stored on those Acer servers in the hacker forum online. The issue got reported by law enforcement.

The incident has been reported to local law enforcement and the Indian Computer Emergency Response Team, and has no material impact to our operations and business continuity.

Client data and login details accessed

It is not known if these gigabytes of data got really stolen, but those databases that got accessed store various sensitive details on customers and corporate. Financial data, login details for customers and Acer retailers, distributors from India got possibly breached.

The hacker who claimed to be the one responsible provided a video showing the files. Those databases show records related to 10 000 customers, credentials of 3 000 Indian Acer distributors. It is possible that more data can be published there by the attacker or even exposed on the different platforms since it is unknown what was the possible goal of the hacker or hacker group.

These details can be crucial in other attacks and secondary scams. Often such breached data is sold[4] online or used by the same hacker group. Emails, login credentials, credit card information can lead to direct scams, fund transfers, blackmail campaigns.

Acer have dealt with a similar issue back in March

Unfortunately, many companies encounter such issues with security, hackers, breaches, and even ransomware attacks.[5] Acer is no different. This is the second data breach incident in the past seven months. The systems got accessed by the attackers from the REvil ransomware gang.[6]

The cryptovirus was released in March, and the particular group claimed to be the one that demanded to get $50,000,000 for the possible decryption. This was, at the time, the largest ransom demand known. Later, in July, was beaten by the same hacker group when $70 million was asked from Kaseya. The company denied the breach then and stated that some issues were detected and abnormal situations got reported to law enforcement, data protection, but neither the breach nor the ransomware attack got particularly admitted publicly.

Right now, the incident is under investigation, and Acer denies any comment to media sources. The security of databases and servers in such companies should be the most important thing, especially since Acer is the company known as being the sixth-largest PC vendor, based on sales. The multinational company has more than 7 000 employees in different countries and makes just under $10 billion per year.

About the author
Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

Ugnius Kiguolis is a professional malware analyst who is also the founder and the owner of 2-Spyware. At the moment, he takes over as Editor-in-chief.

Contact Ugnius Kiguolis
About the company Esolutions