Mattel, a popular American toymaker, has revealed a ransomware attack against its infrastructure in July this year. The company mentioned this in the 10-Q quarterly form submitted to US SEC earlier today. It said that though it affected some of its systems with some downtime, it had escaped the attack by acting immediately and said that no data loss has happened.
Mattel Disclosed a Ransomware Attack
Owned by Mattle Television, Mattle is a famous toymaker based in California and has business operations worldwide. The company, in its quarterly filings to the US Securities and Exchange Commission today, has disclosed that it’s impacted by a ransomware attack on July 28th this year.
As mentioned in the 10-Q form, though it was attacked by a ransomware group successfully, it has limited the damage by acting immediately and accordingly. It said, “Promptly upon detection of the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems.”
Further, “Mattel contained the attack and, although some business functions were temporarily impacted, Mattel restored its operations.” A subsequent investigation into the matter has confirmed that “no sensitive business data or retail customer, supplier, consumer, or employee data” has been stolen.
It’s just some of the encrypted systems, causing downtime of some of its services for a while. Mattel has soon rectified this. For a long, ransomware groups have shifted their focus to a new business model called double-extortion. Under this, they started stealing the sensitive data before encrypting the systems, thus forcing victims to pay.
And if not complied, they threaten to publicly leak the stolen data through their dedicated leak sites, which could tamper with that victim’s goodwill in society.