Toymaker Mattel reveals ransomware attack

Perpetrators were not able to steal any 'sensitive business data' the company says

Toymaker Mattel has disclosed a ransomware attack that targeted the company's systems in July and impacted some of its business operations.

In a 10-Q quarterly form filed with the US Securities Exchange Commission last month, the company said that the cyber incident, which took place on 28 July 2020, had minimal impact on the company.

After the attack was identified, the company's IT security teams took a series of steps to contain it and to restore impacted machines. However, the attack was partially successful as it did result in the encryption of some of Mattel's systems disrupting some operations.

"Mattel contained the attack and, although some business functions were temporarily impacted, Mattel restored its operations," the firm explained.

A detailed investigation into the incident revealed that perpetrators were not able to steal "any sensitive business data or retail customer, supplier, consumer, or employee data," the company said.

Mattel did not provide any information on which threat actors were responsible for the attack or which malware was used to infect its machines.

Last year, Mattel reported $5.7 billion in revenue, making it an attractive prospect for hackers.

In its filing, Mattel noted that no data protection systems in place at the firm can be guaranteed to be 100 per cent successful.

"While Mattel carries cyber and business continuity insurance commensurate with its size and the nature of its operations, there can be no guarantee that costs incurred as a result of cyber-events will be covered completely," it said.

The revelation from Mattel comes as US federal agencies warned last week that cyber criminals are actively targeting medical facilities and institutions using ransomware, as Covid-19 cases started to surge once again.

The agencies said that they had credible information of imminent cybercrime threat to US hospitals by cyber actors using Trickbot malware.

Earlier in September, a report by the IBM Security X-Force Incident Response team claimed that the incidents of ransomware attacks continued to rise in the second quarter of the year, with a noticeable jump in June. The researchers said that the number of ransomware attacks they remediated in Q2 2020 was about three times higher than the total in Q1.

According to IBM, ransomware threat groups are putting a great deal of work into updating their tools and techniques, to match the improvements that private firms have been making to recover from ransomware attacks.

In April, tech services provider Cognizant also disclosed that it had suffered a Maze ransomware cyber attack, resulting in service disruptions to some clients. The firm admitted in May that the attack was likely to cost the company between $50 million and $70 million in that quarter, with additional expenses to come later in the year.

Cruise firm Carnival also disclosed a ransomware attack in August, which compromised personal information of a large number of guests and employees from three different cruise lines.

The company's casino operations were also disrupted in the incident, the company said last month.