Mattel Reveals July Ransomware Attack Impacting Business

Toymaker Mattel has become the latest big-name brand to admit to being hit by a ransomware attack impacting business operations.

The Californian headquartered multi-national, which made $1.4bn in revenue last year, revealed the news in a 10-Q regulatory filing with the US Securities and Exchange Commission (SEC).

The attack was discovered on July 28 this year, leading to the encryption of “data on a number of systems.” However, the firm’s incident response procedures appear to have mitigated the worst of the attack.

“Promptly upon detection of the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems. Mattel contained the attack and, although some business functions were temporarily impacted, Mattel restored its operations,” it said in the filing.

“A forensic investigation of the incident has concluded, and no exfiltration of any sensitive business data or retail customer, supplier, consumer or employee data was identified. There has been no material impact to Mattel’s operations or financial condition as a result of the incident.”

It’s unclear which malware strain was responsible for the incident and whether it was the work of a sophisticated “human-operated ransomware” gang or something more commodity in nature. The absence of data theft points to the latter, or at least a rapid and highly effective incident response effort.

Nevertheless, Mattel appears to have escaped the kind of negative publicity and major financial losses that many organizations of its size have suffered following an attack.

IT services giant Cognizant warned earlier this year, for example, that a ransomware attack in April may end up costing as much as $70m in Q2.

Mattel was at pains to point out in the filing that no security or data protection systems in place at the firm can be guaranteed to be 100% successful.

“While Mattel carries cyber and business continuity insurance commensurate with its size and the nature of its operations, there can be no guarantee that costs incurred as a result of cyber-events will be covered completely,” it added.

What’s Hot on Infosecurity Magazine?