Acer, a Taiwanese computer manufacturer, has revealed that its after-sales support systems in India were recently hacked in “an isolated attack.”
A representative for Acer Corporate Communications said that they quickly activated their security measures and ran a comprehensive check of their systems after being alerted. All possibly impacted consumers in India have been notified.
“Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India,” an Acer Corporate Communications spokesperson told BleepingComputer.
He further said that the event was reported to local law enforcement agencies and the Indian Computer Emergency Response Team. This incident had no significant impact on their operations or business continuity.
According to Gartner, Acer is a Taiwanese multinational specializing in hardware and electronics and the world’s sixth-largest PC seller by unit sales.
While Acer did not reveal the identities of the perpetrators, a threat actor that goes by the name “GOD User” has already claimed responsibility for the attack on a famous hacker forum, claiming that they took more than 60GB of files and databases from the servers of Acer.
Client, corporate, and financial data and login information for Acer retailers and distributors in India are reportedly taken.
As proof, the threat actor demonstrated the stolen files and databases, 10,000 client records, and stolen credentials for 3,000 Indian Acer distributors and merchants in a video.
After the ransomware strike by REvil in March, this is the second time the computing giant’s servers have been hacked this year. At that time, Acer was asked to pay $50 million for a decryptor and the stolen data.
Acer did not provide a clear response when questioned, instead said that they have “reported recent anomalous events” to appropriate law enforcement agencies and data protection governing bodies.
“There is an ongoing investigation, and for the sake of security, we are unable to comment on details,” Acer responded to additional demands for more information.
