A hacking group is demanding $50 million from Acer, Bleeping Computer reported, in what appears to be one of the biggest ransomware demands to date. According to Bleeping Computer, the attackers may have gained access to the Taiwanese computer manufacturer’s network via a Microsoft Exchange vulnerability. The REvil group that carried out a ransomware attack on Travelex last year is believed to be behind the Acer breach as well.
Bleeping Computer said REvil is giving Acer until March 28th to pay the ransom or it will leak the data it claims to have collected. Microsoft recently released several security updates to fix vulnerabilities for exploits found in its Exchange software, but it wasn’t immediately clear whether the Acer breach was connected.
Acer did not acknowledge whether it had been the victim of a ransomware attack, but a spokesperson said in an email to The Verge on Saturday that the company “routinely monitors its IT systems, and most cyberattacks are well defensed. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries.”
The spokesperson added that the company could not provide further information: “As this is an ongoing investigation and for the sake of security, we are unable to comment on details.”
Update March 20th 11:10AM ET: Adds statement from Acer spokesperson