{
	"id": "4e9f9e9c-1277-4a0a-b803-efc35bd4bfa6",
	"created_at": "2026-04-09T02:23:58.912601Z",
	"updated_at": "2026-04-10T13:12:46.093841Z",
	"deleted_at": null,
	"sha1_hash": "26c7e133d08fc7fb909663f96ef4ca484b596f0f",
	"title": "Acer under fire: Now hackers claim to have hit Acer Taiwan, too - DataBreaches.Net",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 152481,
	"plain_text": "Acer under fire: Now hackers claim to have hit Acer Taiwan, too -\r\nDataBreaches.Net\r\nPublished: 2021-10-16 · Archived: 2026-04-09 02:14:38 UTC\r\nDESORDEN threat actors are still going after Acer, it seems.  In addition to their recent revelation that they\r\nexfiltrated 60 GB of data from Acer India — a breach that Acer confirmed — they have alerted DataBreaches.net\r\nthat they have also successfully attacked Acer in Taiwan.  In a statement to DataBreaches.net, the threat actors\r\nwrite:\r\nTo prove our point that Acer is way behind in its cyber security effects on protecting its data and is a\r\nglobal network of vulnerable servers. We have hacked and breached Acer Taiwan server, storing data on\r\nits employee and product information.\r\nAs proof of claim, they provided links to some data, including a file that does appear to be Acer Taiwan employee\r\ndata.\r\nDESORDEN claims that they did not steal all data, and “only took data pertaining to their employee details.”\r\nImage: Some of the alleged employee data from Acer Taiwan, redacted by DataBreaches.net.\r\n“Right after the breach, we informed Acer management on the Taiwan server breach and Acer has since taken the\r\naffected server offline,” they added.\r\nDataBreaches.net has reached out to Acer Taiwan for comment, but did not receive an immediate reply.  This site\r\nhas also asked DESORDEN to clarify what their actual goal is with respect to Acer and how much ransom they\r\nhave been demanding. DESORDEN replied that they did not make a demand for separate payment for the Taiwan\r\nbreach. “We informed them to close the vulnerability,” they explained.\r\nDESORDEN’s message ended with a somewhat ominous note for Acer:\r\nAlso,  a few other of its global networks including Malaysia and Indonesia servers are vulnerable too.\r\nhttps://www.databreaches.net/acer-under-fire-now-hackers-claim-to-have-hit-acer-taiwan-too/\r\nPage 1 of 2\n\nThis post will be updated when a reply is received from Acer Taiwan. In the meantime, DESORDEN also posted\r\ntheir claims to a popular forum for trading, sharing, and selling data.\r\nUpdated at 2:13 to include DESORDEN’s explanation that there was no separate payment demand associated\r\nwith the Taiwan attack. \r\nUpdated October 18: DataBreaches.net has received the following statement from Acer:\r\nWe have recently detected an isolated attack on our local after-sales service system in India and a\r\nfurther attack in Taiwan. Upon detection, we immediately initiated our security protocols and conducted\r\na full scan of our systems. We are notifying all potentially affected customers in India, while the\r\nattacked Taiwan system does not involve customer data. The incident has been reported to local law\r\nenforcement and relevant authorities, and has no material impact to our operations and business\r\ncontinuity.\r\nBest regards,\r\nSteven\r\nAcer Corporate Communications\r\nDataBreaches.net has sent a follow-up inquiry asking whether Acer will be notifying employees, and what it is\r\ndoing proactively in light of DESORDEN’s claims that other Acer units are vulnerable, too.  Acer’s spokesperson\r\nreplied:\r\nAs this is an ongoing investigation and for the sake of security, we are unable to comment on details,\r\nbut potentially affected parties are being notified. Upon detection, we immediately initiated our security\r\nprotocols and conducted a full scan of our systems. The incident has been reported to local law\r\nenforcement and relevant authorities.\r\nSource: https://www.databreaches.net/acer-under-fire-now-hackers-claim-to-have-hit-acer-taiwan-too/\r\nhttps://www.databreaches.net/acer-under-fire-now-hackers-claim-to-have-hit-acer-taiwan-too/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.databreaches.net/acer-under-fire-now-hackers-claim-to-have-hit-acer-taiwan-too/"
	],
	"report_names": [
		"acer-under-fire-now-hackers-claim-to-have-hit-acer-taiwan-too"
	],
	"threat_actors": [
		{
			"id": "e5ccc758-f2a5-417b-ba5c-70edf39bc048",
			"created_at": "2022-10-25T16:07:24.481513Z",
			"updated_at": "2026-04-10T02:00:05.005021Z",
			"deleted_at": null,
			"main_name": "Desorden",
			"aliases": [],
			"source_name": "ETDA:Desorden",
			"tools": [],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "b4f79ca0-e94b-4abe-a61e-ea3d2a2458ad",
			"created_at": "2022-10-25T16:07:24.444096Z",
			"updated_at": "2026-04-10T02:00:04.994412Z",
			"deleted_at": null,
			"main_name": "ALTDOS",
			"aliases": [
				"0mid16B",
				"ALTDOS",
				"Desorden",
				"GHOSTR"
			],
			"source_name": "ETDA:ALTDOS",
			"tools": [
				"Agentemis",
				"Cobalt Strike",
				"CobaltStrike",
				"cobeacon"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775701438,
	"ts_updated_at": 1775826766,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/26c7e133d08fc7fb909663f96ef4ca484b596f0f.pdf",
		"text": "https://archive.orkl.eu/26c7e133d08fc7fb909663f96ef4ca484b596f0f.txt",
		"img": "https://archive.orkl.eu/26c7e133d08fc7fb909663f96ef4ca484b596f0f.jpg"
	}
}