One of the biggest companies in the gaming industry, Mattel, revealed that it was attacked by ransomware in July that affected some of its business operations, but did not lead to data theft.
Mattel is the second largest toy company in the world with 24.000 employees and revenue of $ 5,7 billion for 2019. Mattel is well known for its popular brands, including of Barbie, Hot Wheels, Fisher-Price, American Girl and Thomas & Friends.
In a 10-Q form filed with the Securities and Exchange Commission (SEC), Mattel revealed that it was attacked by ransomware on July 28, 2020. The 10-Q form is a quarterly report authorized by the United States Federal Securities and Exchange Commission, which must be submitted by listed companies to it.
According to the report, on July 28, 2020, Mattel discovered that it was the victim of a ransomware attack on its technology systems that caused data to be encrypted on certain systems. Immediately after detecting the attack, Mattel began implementing evasion protocols and taking a series of steps to end the attack and restore the affected systems. Mattel believes it repulsed the attack and, although some business operations were temporarily affected, Mattel was able to resume its critical operations.
After conducting its investigation, Mattel does not believe that data was stolen during the ransomware attack.
The deposition does not indicate which ransomware was responsible for the attack, but rumors say TrickBot is responsible. TrickBot infections are usually followed by Ryuk or Conti ransomware that encrypts devices that have infiltrated the network.