A recent cyberattack targeted ACE Hardware, causing its local stores to lose the ability to receive orders due to over 196 of their compromised servers now being out of service.
ACE Hardware is a cooperative that owns retail stores, with more than 17 distribution outlets and 5,700 physical stores worldwide in countries like the United States, Panama, China, and the UAE.
The organization employs a total of 12,500 people and generates $9 billion in revenue yearly.
The first public disclosure of the cyber incident affecting ACE Hardware came from a Reddit post. A user shared an email notice that the organization had sent to its retail outlets about the incident.
In the email notification, ACE Hardware disclosed that:
“On Sunday morning, we detected a cybersecurity incident that is impacting the majority of our IT systems. As a result of this incident, many of our key operating systems, including ACENET, our Warehouse Management Systems, the ACE Retailer Mobile Assistant (ARMA), Hot Sheets, Invoices, Ace Rewards and the Care Center’s phone system have been interrupted or suspended.”
Due to the incident, the organization’s higher-ups have instructed stores to stop placing orders, as processing more orders strains scheduled delivery.
Ace Hardware also revealed that they have employed their cybersecurity team to help restore their business to normalcy.
Late on Monday, however, the company announced that the system downtime might continue indefinitely. In this update, they instructed retail stores to stay open because the attack did not impact financial systems, including POS and credit cards.
The online processing of orders for product search and view remains inactive, and the ordering button on the website is also disabled, because the systems responsible for order processing are not yet back online.
In a public Reddit post, retail store owners have revealed that their internal corporate systems are down. Consequently, they are unable to order products from the warehouse or dropship points.
THE LEVEL OF IMPACT ON THE COMPANY’S HARDWARE DEVICES:
ACE Hardware estimates the level of IMPACT to be over 1,202 devices, and acknowledges the need for its restoration.
According to the CEO and President of Ace Hardware John Venhuizen:
“The company operates over 1,400 servers and 3,500 networked devices. “
New information reveals that the organization is currently restoring over 196 of these devices, which are servers, to ensure the business is back up and running.
John further disclosed that:
“As of 5:31 A.M this morning, 51% of these servers have been restored and are being certified by ACE’s IT department.”
The CEO concluded his email notification stating the attack to be a battle against good and evil. He also stated that the attackers are no more than thugs.
“I’d like to end by reminding you that all of this frustration and all of this effort is the direct result of a malicious cyber attack on Ace.”
“This was perpetuated by criminals. Though they are hiding in this shadows, they are no different than thugs who break into your store attempting to steal your stuff.”
“It’s a battle of good versus evil. The processes to recover are complex, the principles of this battle are not. Good will ultimately triumph.”
Ace Hardware is actively restoring its system, but threat actors are exploiting this breach to circulate a phishing link. They are advising users to switch to an alternative electronic payment system until services resume.
Furthermore, the Threat actors were noticed, to be contacting Ace retail stores, posing as a contractor for the company, and asking for network credentials under the guise of troubleshooting.
Ace Hardware issued a notice to retailers, highlighting risks and advising vigilance to incoming emails and calls.
Please do let us know in the comment section what are your thoughts about this.