Any company can become a target of malicious hackers. This week Mattel, a giant of the toy industry, acknowledged that he was the victim of a ransomware attack in July, an incident that compromised some of its normal operations but did not involve any confidential registration.
Mattel is the second largest company in this industry and is recognized for owning many of the most popular brands, including Barbie, Hot Wheels, Fisher-Price, among others.
On July 28, representatives of the company filed with the U.S. Securities and Exchange Commission (SEC) to fill out a 10-Q form acknowledging the incident: “Mattel discovered that he was the victim of a ransomware attack that caused the closure of several systems. Immediately after the incident was detected, the company began implementing the response protocols on the affected systems.”
In the form the company also claims to have contained the attack, although some business functions were temporarily affected: “Our critical operations are completely restored”, concludes Mattel’s message.
At the conclusion of his internal investigation, Mattel believes that no record with confidential information was compromised during this incident: The investigation has been completed and no evidence was identified to suggest that the business data of our customers, suppliers, employees or partners was compromised.” Moreover, Mattel did not add further details, such as the ransomware variant used by the perpetrators of the attack.
A recently published report suggests that the attackers used TrickBot malware to infect the company’s systems. According to specialists, TrickBot infections usually lead to total engagement of the affected network, although it is ignored whether this has been the case with Mattel. The cybersecurity community has tried to contact the company, although Mattel has not issued any further releases.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.