In today’s digital world, ransomware attacks are something that most businesses, from large corporations to small organizations, encounter. The latest firm to reveal it was targeted is toymaker Mattel, which said an attack took place in July this year but resulted in no loss of data or significant financial impact.
Sitting behind Lego as the world’s second-largest toymaker, Mattel brought in $5.7 billion in revenue last year, making it an enticing prospect for hackers. The company revealed the July 28 incident in a 10-Q quarterly form filed with the US Securities Exchange Commission.
Mattel wrote that the attack was partially successful and did result in some systems becoming encrypted, temporarily impacting business functions. “Promptly upon detection of the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems. Mattel believes it has contained the attack and, although some business functions were temporarily impacted, Mattel was able to restore its critical operations,” the company stated.
Following a forensic investigation into the attack, Mattel concluded that the perpetrators did not steal “any sensitive business data or retail customer, supplier, consumer, or employee data.”
Mattel doesn’t reveal which type of ransomware infected its network. According to a Bleeping Computer source, the popular TrickBot malware was the culprit, which is used to deliver Ryuk or Conti ransomware.
It was only last week when the FBI warned of a new ransomware campaign targeting hospitals that utilizes TrickBot, the same infection that was used in attacks on the Key Biscayne and Lake City governments last year and Universal Health Services (UHS) last month.