US toy manufacturer Mattel was affected by a ransomware attack on July 28 this year. The company made the admission in its SEC filing today. Mattel stated that while the ransomware attack crippled some parts of its operations, there was neither any breach of data nor any financial loss.
The company claimed that the attack was initially successful in encrypting some of its systems. However, these systems were restored after persuasive counteroffensive tactics from Mattel. The company’s emergency response protocols helped it to evade the attack successfully.
Mattel has not mentioned any ransom demand made in the attack and has also not confirmed the identity of the perpetrator ransomware group. However, it did confirm that there had been no sensitive business data or customer credentials stolen in the attack.
More often than not, ransomware groups have employed the technique of a double-extortion scheme. This plan involves the encryption and theft of sensitive data, along with the added threat of leaking the data over various forums. The data is dumped over the dark web, commonly. This technique was absent from the attack.
It appears that Mattel, arguably the table-topper among toy manufacturers, has escaped a ransomware attack unhurt, with only a system outage for a short time. That is comparable to getting a few scratches from an automobile accident.
Many large corporations have had to pay millions of dollars in ransom to these hacker groups. Large groups like Maze, Ryuk, and Sodenokibi often force companies to sign humongous ransoms. Tech giant Cognizant lost between $50-70m in a ransomware attack, and several others face the same plight.