Audio equipment maker Bose has reported being a victim of a data breach, following a ransomware attack back in March.
Bose ransomware attack reaches data breach impact:
Filing the cyberattack via a letter to the office of the Attorney General at the New Hampshire Consumer Protection Bureau, Bose notified of the attack, stating that they had “experienced a sophisticated cyber-incident that resulted in the deployment of malware /ransomware across [its] environment”.
According to Bose Corp, the attack had impacted only its US systems.
Soon after the attack was detected on March 7, Bose commenced cyberattack response protocols. Its cybersecurity team was subsequently alerted to contain the attack.
While investigating the ransomware attack, it was found that the malicious ransomware perpetrators had obtained HR data corresponding to six former New Hampshire Bose employees which include sensitive data such as names, Social Security numbers as well as financial details like compensation-related data.
However, Audio Corp. noted that there was no evidence confirming that the data in these files were successfully exfiltrated or not.
An official investigation in coordination with the FBI has also been initiated by Bose, as well as several security experts have also been roped in to monitor any dark web data leaks of any sorts of data.
Efforts are also being made to analyze the reach and impact of the ransomware attack on its servers.
Bose has also affirmed that considering the ransomware attack, it has enhanced its cybersecurity protection and measures so as to mitigate any future cyber-hazards or threats that may be posed on the occasion of another attack.
According to statements given to trusted security sources, it was reported that Bose has not made any ransom payments to the threat actors as of yet.
While the ransomware attack and data breach are being investigated, the audio equipment company has also noted that the malicious files employed in the attacks and the newly identified malicious sites and IPs linked to the perpetrator had been blocked.
Increasing ransomware attacks:
It is concerning that ransomware attacks seem to be gaining new momentum in the previous months, with major industries and organizations falling victim to new ones every day.
Some of the other major ransomware attacks of the past month include the Colonial Pipeline Ransomware attack, Toshiba Ransomware Attack, as well as an Irish healthcare ransomware attack.