Facebook Twitter Instagram
    • Privacy Policy
    • Contact Us
    Facebook Twitter Instagram Pinterest Vimeo
    AI Home SecurityAI Home Security
    • Home
    • Home Security
    • Cyber Security
    • Biometric Technology
    Contact
    AI Home SecurityAI Home Security
    Cyber Security

    Ace Hardware Still Reeling From Weeklong Cyberattack

    justmattgBy justmattgNovember 5, 2023No Comments3 Mins Read

    [ad_1]

    Ace Hardware has yet to recover many of its IT systems five days into a cyberattack that affected 196 servers and more than 1,000 network devices.

    Ace President and CEO John Venhuizen sent a letter to franchise owners on Monday morning, which was shared by a third-party contractor on Reddit. In it, Venhuizen explained that “many of our key operating systems, including ACENET, our Warehouse Management Systems, the Ace Retailer Mobile Assistant (ARMA), Hot Sheets, Invoices, Ace Rewards and the Care Center’s phone system have been interrupted or suspended. More specifically, the impact of this incident is resulting in disruptions to your shipments.”

    In a follow-up FAQ, the CEO urged stores to stay open, as point-of-sale (POS) systems were unaffected.

    According to a notice sent to store owners early Friday morning obtained by Bleeping Computer, Ace operates around 1,400 servers and 3,500 networked devices, of which nearly 200 servers and just over 1,000 other devices were impacted. Some 51% of those affected servers have since been restored and are being certified by Ace’s IT department.

    In some ways, though, the story has only gotten worse since Monday. Many of the affected systems remain underwater and, in the leadup to the holiday season, customers remain unable to place online orders. Plus, there have been multiple incidents of store owners experiencing follow-on phishing attacks.

    “While the impact to business operations and financial losses may be the most tangible examples of the damage that these attacks cause, the reputational impacts can be equally devastating,” Darren Guccione, CEO and co-founder at Keeper Security, points out. “The ripple effect from the damage can be felt for months and even years after the attack.”

    Downstream Phishing Against Branches

    A cautionary notice reportedly warned retailers of two different scams attackers are perpetrating, possibly with the information gathered from their initial breach.

    “Specifically, one involves a criminal sending a spoof email asking the retailer to send electronic payments meant for Ace Hardware Corporation to an alternate bank while we work to restore our systems. The email looks legitimate and appears to be coming from someone in the Ace Finance Department,” the letter explained.

    “The second instance,” it added, “involves a cyber criminal calling an Ace store posing as an Epicor employee asking for permission to gain access to the stores [sic] computer system through passwords, password resets and other remote means.” Epicor Software Corporation is a Texas-based business software company focused on retail, manufacturing, and distribution — and presumably, an Ace contractor.

    “Breaches like this must serve as a wake-up call for organizations large and small to implement a zero-trust architecture, enable MFA, and use strong and unique passwords,” says Keeper’s Guccione. In addition, employees must be trained to identify suspicious phishing emails or smishing text messages.

    “Users are the last line of defense, and organizations must consistently train their employees to recognize the latest attack vectors,” he says.

    [ad_2]

    Source link

    Previous ArticleStripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
    Next Article Google Play Store Introduces ‘Independent Security Review’ Badge for Apps
    justmattg
    • Website

    Related Posts

    Cyber Security

    Name That Toon: Last Line of Defense

    April 16, 2024
    Cyber Security

    OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

    April 16, 2024
    Cyber Security

    Middle East Cyber Ops Intensify, With Israel the Main Target

    April 16, 2024
    Add A Comment

    Leave A Reply Cancel Reply

    Facebook Twitter Instagram Pinterest
    • Privacy Policy
    • Contact Us
    AI Home Security © 2025 All rights reserved | Designed By ESmartsSolution

    Type above and press Enter to search. Press Esc to cancel.

    ↑