Just three days after breaching Acer India, the hacker group Desorden announced on October 16 that it had now hacked and breached Acer Taiwan, releasing sensitive employee information.
More bad news for computer hardware manufacturer Acer after hacker group announces another breach against the company.
The hacker group Desorden announced today (October 16) that it had hacked Acer Taiwan and found vulnerabilities on its Malaysian and Indonesian network as well.
Desorden contacted Privacy Affairs regarding the new hack.
This morning we received the following email:
We have reached out to Acer after being notified of this new hack.
Update: On October 18, Acer spokesperson Steven Chung confirmed the attack to Privacy Affairs.
Chung gave the following statement:
“We have recently detected an isolated attack on our local after-sales service system in India and a further attack in Taiwan. Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India, while the attacked Taiwan system does not involve customer data. The incident has been reported to local law enforcement and relevant authorities, and has no material impact to our operations and business continuity.”
The hackers also announced the above on a known hacker forum. They hackers allege that they did not steal all the available data on the server and only took data pertaining to Acer employee details.
The hackers claim that immediately after the breach they notified Acer management and Acer has since taken the affected server offline.
Samples were provided of the alleged hack showing internal documents and sensitive employee information.
The samples show data from as recent as October 14, indicating that the alleged hack took place sometime around this date.
The released information appears to include login information including passwords to some of Acer’s Taiwanese servers and internal admin panels.
The hackers are also alleging that they managed to find vulnerabilities pertaining to Acer’s Malaysian and Taiwanese servers too.
Desorden claims that they carried out the hack in order to “prove our point that Acer is a global network of vulnerable servers”.
When asked about their motivations, Desorden told Privacy Affairs that their hacks are financially motivated.