Cyber War News announced yesterday that Maxney from the Turkish hacker group known as Ajan had breached six Acer India sub domains, defacing the landing pages and stealing data. The sites involved were acn.acer.co.in, adn.acer.co.in, aln.acer.co.in, asn.acer.co.in, humanet.acer.co.in, and select.acer.co.in. At the time of writing, all of these sites have been taken offline. The main Acer India site is operational, and the company has as yet made no public statement.
The defacements are visible on Zone-H (for example, acn.acer.co.in). The message left by Maxney is in support of Palestine and against Israel, with the fairly standard, “Stop Israeli terrorism” statement.
Cyber War News has analyzed the leaked file. It is a 41 Mb compressed RAR file containing two folders: Acer data and Acer server. “Inside the Acer Data is a heap of xls, doc and images files with clients purchasing, invoices and account movement details,” writes Cyber War News. “The other folder contains the core information from the server that was breached, as well as dump in txt format that contains a majority of the breached account credentials.” Account information and user credentials seem to be encrypted.
Maxney claimed that 20,000 user details had been leaked. The analysis shows some 5000 duplications, but confirms around 15,000 details leaked.
Less than three months ago the same Turkish hacking group group breached the Domino's pizza site in India, leaking 37,000 user details to Pastebin. Zone-H reports that Maxney has now made 32 defacement notifications; 17 of them comprising ‘mass’ defacements (such as this Acer attack), and 15 single IP address defacements.