Computer manufacturer Acer suffered two security incidents on its servers in Taiwan and India in less than a week. Threat actor group Desorden reportedly announced that it had compromised the Indian servers of Acer, affecting the private information of millions of clients. The group claims to have stolen 60 GB of customers’ information, including corporate and sensitive financial information. The compromised data also included login details of Acer retailers and distributors in India.
Users’ Data on Hacker Forum
Desorden group reportedly leaked personal data of more than 10,000 Indian customers on a hacking forum for free as proof of their cyberattack. Leaked customer data could pose severe security issues, as it could be misused to launch various kinds of phishing attacks.
Acer Said ‘No’ to Ransom
While it’s unclear how Desorden obtained access to the servers, Acer stated that it informed the law enforcement authority in India for further investigation. The company also clarified that it would not negotiate or pay any ransom to the attackers.
“We have recently detected an isolated attack on our local after-sales service system in India. Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India. The incident has been reported to local law enforcement and the Indian Computer Emergency Response Team and has no material impact to our operations and business continuity,” Acer spokesperson Steven Chung said in a media statement.
Not the First Time
In March 2021, Acer sustained a major ransomware attack by the infamous REvil ransomware group. Attackers reportedly demanded over $50 million ransom. The ransomware operators compromised Acer’s network systems and allegedly shared images of stolen files as proof of compromise. The exposed images included the company’s sensitive documents like financial spreadsheets, bank balance statements, and other private communications with the bank.
Are Indian organizations more prone to data breaches?
Indian organizations are a primary target of several cybercriminal groups due to India’s emergence as a global IT player and its growth in the digitalization of the public and private sectors. While enterprises in India are enhancing their security defenses, a recent analysis from Trend Micro revealed that nearly 73% of organizations in India are likely to suffer a data breach in the next 12 months. In its latest Cyber Risk Index (CRI) report, Trend Micro revealed that lost IP, critical infrastructure damage, and cost of outsourced experts are the major consequences faced by Indian organizations after a data breach.