Ace Hardware is currently experiencing a cyberattack that has disrupted their ability to accept online orders [2] [5]. This has resulted in significant disruptions to their operations and has raised concerns about potential phishing attacks on retailers.
Description
The cyberattack has affected a large number of Ace Hardware’s servers and networked devices. Specifically, 1,202 out of the company’s 1,400 servers and 3,500 networked devices have been impacted. While progress has been made in restoring the affected servers, with about half of them already restored as of early Thursday morning, many systems are still down [4]. This has caused disruptions to shipments as key operating systems, such as ACENET and the Warehouse Management Systems [4], have been interrupted or suspended [4].
The restoration efforts are currently focused on the 196 servers used for receiving, picking [1], and shipping [1], which have been given priority status. Once these priority-one servers are restored [1], normal replenishment order cut-off schedules can resume [1]. It is important to note that the point-of-sale systems remain unaffected.
Ace Hardware’s IT department is currently certifying the restored servers. However, until all systems are fully operational, customers will continue to be unable to place online orders. Additionally, store owners have reported follow-on phishing attacks [4], which can have long-lasting reputational impacts. In response to this situation, Ace Hardware has issued a warning to retailers about potential cybercriminals taking advantage of the ongoing cyberattack [3]. Threat actors are contacting retailers with phishing emails and posing as agents of a contractor to obtain account credentials [5]. Ace Hardware has urged retailers to be cautious and vigilant.
Conclusion
The cyberattack on Ace Hardware has had significant impacts on their operations, with disruptions to online orders and potential reputational damage due to follow-on phishing attacks. The restoration efforts are ongoing, with a focus on priority-one servers. Ace Hardware has issued a warning to retailers to be aware of potential cybercriminals exploiting the situation [3]. It is crucial for retailers to remain vigilant and take necessary precautions to protect their accounts and systems.
References
[1] https://www.hardwareretailing.com/ace-hardware-updates-retailers-on-cybersecurity-incident/
[2] https://www.redpacketsecurity.com/ace-hardware-says-devices-were-hit-during-cyberattack/
[3] https://www.engadget.com/ace-hardwares-online-ordering-and-other-systems-are-still-down-due-to-a-suspected-cyberattack-143208409.html
[4] https://www.darkreading.com/attacks-breaches/ace-hardware-still-reeling-from-weeklong-cyberattack
[5] https://ciso2ciso.com/ace-hardware-says-1202-devices-were-hit-during-cyberattack-source-www-bleepingcomputer-com/
