‘Mattel,’ the California-based toymaker, has disclosed a ransomware attack that happened on July 28, 2020. The event was disclosed as part of the 2020 Q3 quarterly report filed with the US Securities Exchange Commission. While it comes months after the actual security incident, it is still an important event that cannot be ignored.
Mattel Inc. is the world’s second-largest toymaker in terms of revenue ($1.4 billion in 2019), standing behind only Lego. Its brands include Fisher-Price, Barbie, Polly Pocket, Hot Wheels, Thomas & Friends, and many more. Mattel has an operational presence in 40 countries and sells toys and games in more than 150 countries. So, a ransomware attack on the firm could potentially have dire consequences for the 25,800 of its employees and the business of its massive network of resellers.
Related: ‘JM Bullion’ Hacked and Customer Credit Card Details Stolen
The company says that the ransomware attack targeted its IT systems and managed to encrypt a number of them. The response of the Mattel IT team was prompt, and they moved upon pre-established security protocols taking a series of measures to stop the attack and contain the damage. The firm mentions that some of its business functions were temporarily impacted, but these were quickly restored.
A forensic investigation that followed revealed no evidence pointing to data exfiltration, so no retail customers, suppliers, consumers, or employees were affected by what happened. This is a powerful statement to make, as we have seen no ransomware attacks without the data-stealing aspect happening in 2020. However, there were no reports from dark web crawlers finding Mattel data on any leak sites, so there’s no indication that the toymaker is lying.
Whoever attempted to hit Mattel failed to leave a mark on the company’s operations or financial resources. This is a rare case that shows the big difference that having a solid security response plan in place can make. As we’re heading towards Christmas, companies like Mattel are bound to find themselves at the epicenter of the hacking action, especially from ransomware gangs. Managing to thwart one attack should be an excuse for maintaining a relaxed stance.