One of the largest Companies of the toy industry, Mattel disclosed that it suffered a ransomware attack in July that affected some of its business operations but did not lead to data theft.
Mattel is the second largest toy company in the world with 24.000 employees and revenue of $ 5,7 billion for 2019. Mattel is well known for its popular brands, including of Barbie, Hot Wheels, Fisher-Price, American Girl and Thomas & Friends.
In a 10-Q form filed with the Securities and Exchange Commission (SEC), Mattel revealed that it was attacked by ransomware on July 28, 2020. The 10-Q form is a quarterly report authorized by the United States Federal Securities and Exchange Commission, which must be submitted by listed companies to it.
According to the report, on July 28, 2020, Mattel discovered that it was the victim of a ransomware attack on systems technologys of her who caused her encryption data in some systems. Immediately after detection of the attack, Mattel began to implement evasion protocols and take a series of measures to end the attack and restore the affected systems. Mattel believes it repulsed the attack and, although some business operations were temporarily affected, Mattel was able to resume its critical operations.
After conducting its investigation, Mattel does not believe that data was stolen during the ransomware attack.
The filing does not indicate which ransomware was responsible for the attack, but rumors point to TrickBot as responsible. TrickBot infections are usually followed by the encrypting Ryuk or Conti ransomware Appliances in the network they have infiltrated.