According to multiple media reports, hacker group Desorden once again hit Acer. The Taiwanese multinational company suffered the previous attack by the same group less than a week ago. This time hackers targeted the company’s servers in Taiwan.
Another attack on Acer – why?
Hackers’ purpose in all these attacks is to prove Acer`s vulnerabilities in protecting data1. That is how they responded to several media outlets. They also added that global networks including Malaysia and Indonesia servers are vulnerable too. Desorden notified that they took not all data but only Acer employees and product information. The group did not respond on what is the end-point of the attacks and how much data they stole this time.
“Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India, while the attacked Taiwan system does not involve customer data,” – Acer spokesman Steven Chung.2
Company reported the incident to the relevant authorities and law enforcement. This year seems to be a year of hardships for Acer. One of the breaking news this year was the ransom demanded from Acer by the REvil group. It is still unclear whether the company paid that money. REvil asked for the whooping 50 million dollars ransom.
ABX and CRG are also the victims of Desorden
In last week’s attack Desorden stole 60 GB data containing information on Indian customers and distributors. Hackers published the sample of data and video on the RAID forum. The same group claimed responsibility for the attack on the Malaysian servers of ABX Express Enterprise in September this year also.
Another news posted on databreaches.net that Desorden hit Central Restaurants Group (CRG) in Thailand. Hackers proved it by publishing files of stolen information on one of the forums. Those files include employee details, membership card details of Mister Donut, vendor purchase order details and daily sales records of what they describe as thousands of restaurant outlets.3
CRG is known for a number of popular restaurant brands, including Kentucky Fried Chicken, Mister Donut ColdStone Creamery, Auntie Anne’s and others. The firm’s data protection office has not confirmed the attack yet. The stolen employee-related spreadsheet contains more than 2000 records with fields that included: phone number, email, nickname, emp_id, perface_id, thai_fname, thai_lname, eng_fname, eng_lname, username and other details as well.4
Desorden Group mostly targets organisations related to supply chains. Its name comes from Spanish, and translates into “disorder and chaos”. Its method of work is to pilfer data from its targets and then demand ransom. When victims do not pay, the group then sells the data on the Darknet markets.
- Interview from Desorden group on their Acer attack.
- https://www.zdnet.com/article/acer-hit-with-second-cyberattack-in-less-than-a-week-this-time-in-taiwan-offices/
- More about Desorden attack on Central Restaurants Group.
- https://www.databreaches.net/central-restaurants-group-in-thailand-hit-by-desorden/