Acer confirmed a cyberattack on its desktops in India this week, after hackers from the Disorder Group claimed to have breached servers and stolen 60 GB of files.
The group sent an e-mail to ZDNet about the hack, claiming to have the client’s corporate and commercial data, as well as financial information. Questioned, the hackers will deny that it was a ransomware attack and affirm that they will have access to the company’s servers “for a long time”.
An Acer spokesperson confirmed the attack, telling ZDNet that its security team recently detected an “isolated attack” on its local after-sales service system in India.
“After detection, we immediately start our security protocols and carry out a complete verification of our systems,” said an Acer spokesperson. “We are notifying all potentially affected customers in India. The incident was reported to the local police and the Computer Emergency Response Team in India and has no material impact on our operations and business continuity.”
After receiving a message from Acer, or ZDNet asking hackers if they still have access.
“Acer is a global network of vulnerable systems. We do not have further access to its Indian servers. This is all that we can disclose at this time,” the hackers said in a subsequent message.
This is the second cyberattack Acer has suffered after being attacked by ransomware in March.
Ransomware group REvil claimed the attack and followed up with a $50 million ransom, one of the highest reported at this time. Acer offered to pay the group 10 million dollars, which was rejected by hackers.
The Registry reports that data recently stolen by the Desorden Group was published on the cybercrime attack forum and sent to journalists.
Acer India suffered a similar cyber-attack in 2012 by a Turkish cyber-delinquent group, according to DataBreaches.net. The attackers defaced the company’s website and sifted through 20,000 user credentials at this point.
DataBreaches.net reported last month that Disorder Group recently claimed to have hacked ABX Express Enterprise servers in Malaysia on September 23.
As in the last attack, the group sent parts of the stolen files to journalists and published them in the RAID forum. They claimed to have stolen 200 GB of information, including the data of millions of Malays.
In messages published on the website, the group said that its name means “chaos y chaos” and that it was reorganized after originally using the name “Chaos CC”.
The group says it plans to attack the supply chains and cause “disorder and chaos” affecting as many people as possible. Disorder Group says it plans to retain rescue data and sell them if they are not paid. At that time, they claimed to be negotiating a ransom with an unnamed Italian car supply company.
