Data for millions of Acer's clients and customers is currently being held after the computing company was subject to yet another data breach. Over 60GB of client, customer, and retailers' information now lies in the hands of hackers, who are currently seeking buyers to sell the data on to.
The breach mostly affects customers in India, where the targeted servers reside, and is the second attack Acer has had the misfortune to encounter in the past seven months—a previous incident in March (opens in new tab), claimed by the REvil hacker group, involved a record $50 million ransom.
This time, the infiltration has been attributed to antagonist group Desorden, after it was seen bragging in an online forum. The group even included a video showcasing the stolen files and databases, and released a sample 10,000 customers' data for free, as proof.
In speaking to several affected parties, Privacy Affairs (opens in new tab) confirmed much of the stolen data to be accurate. That puts Acer and its customers in a very compromising position.
"We have recently detected an isolated attack on our local after-sales service system in India." Acer told BleepingComputer (opens in new tab). "Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India."
We believe Acer refused to pay up last time a breach like this occurred, which is probably why the attackers have gone with selling the data on, rather than trying to get Acer to comply with demands.
Either way, while it looks like Acer is taking steps in the right direction after the attack, it's unlikely the company will be getting the stolen data back.