Toymaker Mattel—maker of Barbie and Ken dolls – was the sufferer of a ransomware attack very last July on its details technology programs and knowledge on a number of techniques was encrypted.
The corporation stated in a new quarterly filing that it experienced contained the attack and though some organization features had been briefly impacted, the security team restored its functions. In accordance to the submitting, no delicate small business, retail consumer, supplier, purchaser, or personnel data was exfiltrated.
While Mattel carries cyber and business enterprise continuity insurance, the corporation claimed there’s no assurance that costs incurred as a result of this or any future cyber events would be coated wholly. The toymaker didn’t give details on the character of the ransom, these kinds of as no matter if the criminals desired money only or also threatened to expose data.
Colin Bastable, CEO of Lucy Security, mentioned the attack possibly came as a end result of COVID-19 lockdowns that compelled Mattel personnel to get the job done remotely exactly where they are a lot more quickly distracted, much less uncomplicated to check and more very likely to slide for a cyber-attack.
“So the Mattel CISO and IT workforce did their job very well, just like the frontline ‘ordinary heroes’ of the COVID-19 outbreak, as acknowledged by the Mattel Playroom #ThankYouHeroes action determine selection,” Bastable reported. “As for the hackers – they’ll be again in the hardly ever-ending cybersecurity fight from a basement much, much absent.”
With the holiday break season creeping up, there should be expectations that ransomware campaigns will enhance,” Brandon Hoffman, CISO at Netenrich, reported most stores depend seriously on on the web business enterprise and adversaries look at this as an chance to attack.
“If they can cripple units for the duration of Black Friday, Cyber Monday, or other large buying linked occasions, organizations could be extra willing to pay back and get devices again online,” Hoffman stated. “It’s a make any difference of misplaced profits for support availability as opposed to the expense of the ransom.”
Some elements of this posting are sourced from: