November 3, 2023 at 04:33PM
Ace Hardware is still struggling to recover from a cyberattack that impacted 196 servers and over 1,000 network devices. Operating systems and key tools are still disrupted, causing shipment disruptions and preventing customers from placing online orders. The company has seen follow-on phishing attacks and warns retailers of two scams linked to the breach. The CEO of cybersecurity firm Keeper Security emphasizes the need for organizations to implement strong security measures and train employees to recognize phishing attempts.
Key takeaways from the meeting notes are as follows:
1. Ace Hardware is still dealing with the aftermath of a cyberattack that has affected their IT systems, including ACENET, Warehouse Management Systems, Ace Retailer Mobile Assistant (ARMA), Hot Sheets, Invoices, Ace Rewards, and the Care Center’s phone system.
2. The attack impacted 196 servers and over 1,000 network devices out of a total of 1,400 servers and 3,500 networked devices that Ace operates.
3. While 51% of the affected servers have been restored and are being certified by Ace’s IT department, many of the systems are still not fully functional.
4. Customers are currently unable to place online orders, which is particularly problematic leading up to the holiday season.
5. Store owners have also reported follow-on phishing attacks, indicating that the breach’s impact extends beyond just system disruptions.
6. Retailers have been warned about two phishing scams, including spoof emails and phone calls posing as employees of Ace or an Ace contractor, Epicor Software Corporation.
7. Keeper Security CEO emphasizes the importance of implementing a zero-trust architecture, enabling multi-factor authentication (MFA), and training employees to recognize and avoid phishing or smishing attempts.