A hacking group is demanding $50 million from Acer, Bleeping Computer reported, in what appears to be one of the biggest ransomware demands to date. According to Bleeping Computer, the attackers may have gained access to the Taiwanese computer manufacturer’s network via a Microsoft Exchange vulnerability. The REvil group that carried out a ransomware attack on Travelex last year is believed to be behind the Acer breach as well.
Bleeping Computer said REvil is giving Acer until March 28th to pay the ransom or it will leak the data it claims to have collected. Microsoft recently released several security updates to fix vulnerabilities for exploits found in its Exchange software, but it wasn’t immediately clear whether the Acer breach was connected.
Acer did not immediately reply to a request for comment from The Verge on Saturday, but told Bleeping Computer in a statement that “Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries.”
Acer did not acknowledge in its statement whether it had been the victim of a ransomware attack, but added there was an “ongoing investigation” that prevented the company from commenting further due to security concerns.