American hardware retailers’ cooperative Ace Hardware is experiencing operation disruptions after a cyberattack crippled most of its key IT systems.
According to a notice that Ace President and CEO John Venhuizen sent to retailers and customers on Sunday evening, the incident occurred on the morning of October 29 and affected most of the organization’s operating systems.
“ACENET, our Warehouse Management Systems, the Ace Retailer Mobile Assistant (ARMA), Hot Sheets, Invoices, Ace Rewards and the Care Center’s phone system have been interrupted or suspended,” reads a copy of the notice, shared on Reddit.
The company informed Ace members that shipments were disrupted and that deliveries were delayed, urging customers to refrain from placing further orders.
In subsequent notices to customers, Ace pointed out that it had started restoring the impacted systems, but that it could not estimate how long the operation would take. It also said that its online store would remain available for search and product views, but not for orders.
While the company appears to have made progress in restoring its systems, as of November 3, online orders remain suspended, with visitors to Ace’s web store being informed that orders cannot be processed and that they should visit Ace’s brick-and-mortar stores instead.
According to the notices shared online by users claiming to be store owners, the company said that the incident had “no known impact to retailer in-store POS systems and credit card processing”.
Ace reportedly revealed that the attackers had compromised over a thousand internal servers and network devices and that some customers have been targeted with phishing attempts, both via email and by phone.
Ace has yet to share details on the type of cyberattack it has suffered and whether any customer information might have been compromised.
SecurityWeek has not seen mentions of the incident on major ransomware leak sites. We emailed Ace Hardware for a statement on the attack but have yet to receive a reply.
Ace Hardware has more than 5,600 locally owned and operated hardware stores across roughly 70 countries.
Related: Simpson Manufacturing Takes Systems Offline Following Cyberattack
Related: Boeing Confirms Distribution Business Hit by Cyberattack
Related: Air Canada Says Employee Information Accessed in Cyberattack
