[TheRecord] Acer confirms second security breach this year

A spokesperson for Taiwanese computer maker Acer has confirmed today that the company suffered a second security breach this year after hackers advertised the sale of more than 60 GB of data on an underground cybercrime forum.

Supposedly containing customer details and login information for Indian retailers and distributors, the data was shared on RAID, a forum used by threat actors over the past years to extort companies and sell stolen data.

Samples of the stolen data, along with a video of the rest of the files, were shared by the threat actor.

The Record was able to confirm some of the data that was leaked on Wednesday.

Image: The Record

Responding to a request for comment sent yesterday by The Record, an Acer spokesperson confirmed the hack in an email earlier today, after the company notified its security team and investigated the hackers’ claims.

The full unedited statement is available below:

We have recently detected an isolated attack on our local after-sales service system in India. Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India. The incident has been reported to local law enforcement and the Indian Computer Emergency Response Team, and has no material impact to our operations and business continuity.

Steven Chung, Acer Corporate Communications

Although the hackers behind this second breach offered to respond to reporter requests, they have yet to return a request for comment sent yesterday.

Today’s confirmation marks the second security breach that Acer has suffered this year after falling victim to a ransomware attack in March, during which the REvil ransomware group demanded a whopping $50 million from the computer maker.

This is also the second time Acer India’s network has been breached after hackers stole 20,000 user credentials back in 2012.

The post Acer confirms second security breach this year appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] Vulnerability in Popular Survey Tool Exploited in Possible Chinese Attacks on U.S.

All posts, Security Week

A recently disclosed vulnerability affecting a popular survey creation tool has been exploited by a threat group that may be linked to China against organizations in the United States. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Podcast appearance | Jargonmankeli ep. #11

I was recently interviewed on Alma Talent’s podcast about cybercrime. The interview is in Finnish. You can find the Jargonmankeli-podcast on any decent podcast platform, (here’s the iTunes link). Here’s the SoundCloud link if the embed doesn’t work.

Read More

[BleepingComputer] Ransomware gang leaks data from Metropolitan Police Department

Babuk ransomware operators have leaked what they claim are personal files belongin to police officers from the Metropolitan Police Department after negotiations went stale. […] Source: Read More (BleepingComputer)

Read More