Acer reportedly targeted with $50 million ransomware attack

Acer has reportedly been hit by a REvil ransomware attack, with the culprits demanding $50 million from the company.

According to Bleeping Computer, the ransomware gang reportedly breached Acer and shared some images of allegedly stolen files as proof on its website over the weekend.

The leaked images showed documents that include financial spreadsheets, bank balances, and bank communications, the report said, with the attack possibly coming from a Microsoft Exchange exploit.  

It is not confirmed whether Acer has paid the ransomware group.

After reaching out to Acer for comment, the company did not acknowledge whether it had suffered a ransomware attack. Instead, the company remained scant on the details, only stating that it "routinely monitors its IT systems".

"Acer routinely monitors its IT systems, and most cyberattacks are well defended. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries," an Acer spokesperson said in an emailed statement.

"Acer discovered abnormalities from March and immediately initiated security and precautionary measures. Acer's internal security mechanisms proactively detected the abnormality, and immediately initiated security and precautionary measures."

The operators of the REvil ransomware extorted a New York-based law firm in May last year, threatening to release sensitive files on the company's celebrity clients unless the firm paid a $42 million ransom demand.

Prior to that, the group hit Travelex during the 2020 New Year's Eve, which resulted in the company's online services being put offline two weeks following the incident. 

Updated at 2:58pm AEST, 22 March 2021: Acer spokesperson sent through an inaccurate statement, the correction is that Acer discovered the abnormalities from March rather than early March.

Related Coverage

• Ransomware gang asks $42m from NY law firm, threatens to leak dirt on Trump
• Texas school district falls for email scam, hands over $2.3 million
  
• REvil ransomware gang 'acquires' KPOT malware
  
• Hackers exploit websites to give them excellent SEO before deploying malware
  
• Conti (Ryuk) joins the ranks of ransomware gangs operating data leak sites