Acer confirms new attack on servers

An abstract image of padlocks overlaying a digital background.
(Image credit: Shutterstock)

Acer has confirmed that its servers in Taiwan have also been breached, after hackers themselves shared details about the incident with privacy watchdogs, PrivacyAffairs.

The incident comes days after the same threat actor that identifies itself as the Desorden Group, was auctioning data it had managed to extract from the after-sales service system in India.

“We have recently detected an isolated attack on our local after-sales service system in India and a further attack in Taiwan,” confirmed Acer spokesperson Steven Chung in a statement.

TechRadar needs yo...

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

Chung pointed out that unlike the breach in India, the attacked server in Taiwan contained no customer information, without giving more details. Desorden however shared that the server contained product information and employee data, adding that it only grabbed the latter.

More to follow?

Referring to Acer as a “global network of vulnerable servers” Desorden claims that besides the breached servers in India, and Taiwan, Acer servers in Malaysia, and Indonesia are just as vulnerable.

According to samples shared by the hackers, the breach of the Taiwanese servers has leaked internal documents, personally identifiable information (PII) of its employees, as well as what appears to be login credentials to some of Acer’s Taiwanese servers and internal admin panels.

Tim Wade, technical director, at cybersecurity company Vectra AI tells TechRadar Pro that breaches such as the one suffered by Acer show that businesses must rethink their protective strategies. Instead of focusing on traditional prevention tools, businesses must assume that they’ve already been breached, and work backwards to build resilience. 

“By assuming you’re compromised and actively searching for signs of an attack, you are in a much stronger position to detect all sorts of attacks in good time and stop them before they become breaches,” reasons Wade.

Via PrivacyAffairs

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.