Audio equipment manufacturer Bose suffered a ransomware attack that hit the company’s systems earlier this year, on March 7.
- Bose Corporation suffered a ransomware attack that took place on March 7.
- The ransomware gang accessed internal files from its human resource department.
- The company has employed a law firm to notify all the affected current or former employees.
Audio equipment manufacturer Bose suffered a ransomware attack that hit the company’s systems earlier this year, on March 7.
Bose Corporation is an American electronic company that manufactures audio equipment.
The company stated that the malware or ransomware on Bose’s U.S. systems was first detected on March 7, 2021.
In a breach notification letter, Bose reported that it "experienced a sophisticated cyber-incident that resulted in the deployment of malware or ransomware across" its "environment."
The company said that the ransomware gang impacted its network and accessed internal files from its human resource department. The data stored included company employee details, including employee names, Social Security numbers and compensation-related information.
“Based on our investigation and forensic analysis, Bose determined, on April 29, 2021, that the perpetrator of the cyber-attack potentially accessed a small number of internal spreadsheets with administrative information maintained by our Human Resources department," said Bose.
Bose has employed experts to monitor the dark web for any evidence of leaked data and has been working along with the U.S. Federal Bureau of Investigation.
The firm sent breach notification letters on May 19 to all individuals impacted by the ransomware incident and offered them 12 months of free identity protection services.
The company also said it boosted internal security procedures and taken the following actions:
- Enhanced malware or ransomware protection on endpoints and servers further strengthens our defence against future malware/ransomware attacks.
- Performed detailed forensics analysis on impacted servers to analyse the impact of the malware/ransomware.
- Blocked the malicious files used during the attack on endpoints to prevent further spread of the malware or data exfiltration attempt.
- Strengthened monitoring and logging to identify any future actions by the threat actor or related types of attacks.
- Blocked newly observed malicious sites and IPs linked to this threat actor on external firewalls to prevent potential exfiltration.
- Changed passwords for all end-users and privileged users.
- Changed access keys for all service accounts.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?