Ace Hardware Gets Hammered By Hackers Demolishing Online Sales
Building supply and home improvement company Ace Hardware has seemingly suffered a severe cybersecurity attack and is dealing with the fallout. After an email notice surfaced on Reddit, online sales have gone down, and outbound shipments are on hold while the breach is dealt with. While there has been no direct announcement from the Illinois-based company, it appears that the company is slowly recovering as hundreds of servers are restored.
On Monday, Reddit user MalletNGrease posted a notice to Ace Hardware retailers explaining that on the day prior, the company “detected a cybersecurity incident that is impacting the majority of our IT systems.” This incident reportedly crippled critical systems such as ACENET, warehouse management systems, the Ace Retailer Mobile Assistant (ARMA), Hot Sheets, Invoices, Ace Rewards, and the Care Center’s phone system. Given this widespread problem, scheduled deliveries to retailers were not completed, and it was requested that the retailers also hold off on placing orders.
Since then, there has been another notice, spotted by BleepingComputer, that explains that of approximately 1,400 servers that Ace Hardware operates, some 1,202 were impacted by the cybersecurity incident. As of yesterday morning, 51% of these servers were restored and certified by Ace Hardware IT. At this time, however, online orders still remain offline as the rest of the servers are being recovered.
At the end of the day, it is wild to think that someone would do this sort of thing to the “helpful hardware folks.” It will certainly be interesting to see if anyone comes forward to claim the attack or announces that they have exfiltrated data. As such, stay tuned to HotHardware for updates on the Ace Hardware cybersecurity incident.