Home » Industry News » Ace Hardware Updates Retailers on Cybersecurity Incident
RH-ISAC Holiday Cybersecurity Report

Ace Hardware Updates Retailers on Cybersecurity Incident

In an email to retailers on Nov. 3, Ace Hardware president and CEO John Venhuizen updated retailers on the progress being made in remediating the cybersecurity incident that occurred over the weekend of Oct. 28-29. 

Venhuizen shared that the Care Center has been contacting nearly 500 stores to confirm the availability of advanced ship notices (ASN) for those stores that received trucks this week. The company is working through its first contingency plan, which includes providing the capability to receive, pick and ship nearly 600 Ace stores by this weekend. 

“We had a few bumps in the night that we are muscling through, but this plan is very much in flight,” Venhuizen says. 

Ace operates 1,400 servers and 3,500 networked devices, and as a result of the cyberattack, 1,202 were impacted and need to be restored. Of these 1,202 attacked servers, the 196 servers used for receiving, picking and shipping have been given priority status. Once these priority-one servers are restored, stores can resume the normal replenishment order cut-off schedule. 

“The probability of hitting the ‘normal’ replenishment cut-off schedule for all stores by this weekend has increased,” Venhuizen says. “We have a full day of effort required to deliver against this objective, but my confidence has increased based on the material progress from Ace IT last night.”

The bulk of the communication from Ace to retailers this week has revolved around the main goal of getting product into retailers hands. Venhuizen says he plans to turn his communication focus to the next imperatives. 

Ace Hardware is also warning retailers that threat actors have contacted numerous retailers with phishing emails and to be aware of these schemes. 

“We know there’s a lot more yet to do,” Venhuizen says. “Re-establishing servers to enable ACH, Acehardware.com, Acenet, ARMA and many other business-critical processes are very much on our radar and in our work plan.”

About Lindsey Thompson

Lindsey joined the NHPA staff in 2021 as an associate editor and has served as senior editor and now managing editor. A native of Ohio, Lindsey earned a B.S. in journalism and minors in business and sociology from Ohio University. She loves spending time with her husband, two kids, two cats and one dog, as well as doing DIY projects around the house, coaching basketball, going to concerts, boating and cheering on the Cleveland Guardians.

Check Also

RH-ISAC Holiday Cybersecurity Report

Retail and Hospitality ISAC Releases Holiday Season Cyberthreat Trends Report

The holiday season is here, which means online shopping and activity is at its peak. …