Ace Hardware confirmed that a cyberattack is preventing local stores and customers from placing orders as the company works to restore 196 servers.

Ace Hardware is a retailer-owned hardware store cooperative that operates 17 distribution centers and 5,700 shops across the United States, China, Panama, and the UAE. The cooperative employs 12,500 people and has an annual revenue that surpasses $9 billion.

Reports of a cybersecurity incident impacting the cooperative surfaced on Reddit on Monday, where someone posted the content of Ace's notice to retailers about a cyberattack that occurred over the weekend.

"On Sunday morning, we detected a cybersecurity incident that is impacting the majority of our IT systems," reads the notice. "As a result of this incident, many of our key operating systems, including ACENET, our Warehouse Management Systems, the Ace Retailer Mobile Assistant, Hot Sheets, Invoices, Ace Rewards and the Care Center's phone system have been interrupted or suspended."

The company stated that it has engaged a group of IT experts to help it restore the impacted systems, but because it is dealing with "a fast-moving, dynamic situation," details on the process and system status cannot be conveyed with accuracy.

The new notice advised retailers to keep their stores open to serve customers, noting that the in-store POS systems and credit card processing remain unaffected.

The ordering functionality remains disabled today, as the systems that process customer orders are yet to be restored. According to the latest information posted online by Reddit users claiming to be store owners, all internal corporate systems remain down, making them unable to order products from warehouses or dropship points.

In a new notice sent to retailers and seen by BleepingComputer, Ace Hardware President and CEO John Venhuizen explains that the company operates 1,400 servers and 3,500 networked devices.
Of these devices, 1,202 were impacted by the cyberattack and will need to be restored. Venhuizen said that as of 5:31 AM this morning, 51% of these servers have been restored and are being certified by Ace's IT department.

"I'd like to end by reminding you that all of this frustration and all of this effort is the direct result of a malicious cyber attack on Ace," reads an update sent to retailers today.

While Ace restores its devices to resume operations, threat actors have flocked to take advantage of the attack. Ace Hardware warns that threat actors are contacting Ace retailers with phishing emails that urge them to redirect payments to "An alternative" electronic payment address until systems are restored.

In other cases, attackers call Ace stores posing as agents of the Epicor Software Corporation, presumably one of Ace's contractors, asking them to hand over account credentials to their network, allegedly for troubleshooting.

Ace issued a cautionary notice to retailers alerting them to these incidents, which reflects how breaches can precipitate security risks and lead to further downstream compromises.

BleepingComputer has contacted Ace Hardware to learn more about the cyberattack, but we have not heard back yet.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000