Large toy company Mattel suffered from ransomware attack

American toy company Mattel reports that it suffered from ransomware attack, that affected some business operations. At the same time, Mattel was assured that the company recovered from the incident without significant financial losses.

The incident became known thanks to the company’s quarterly report (Form 10-Q), which was filed with the US Securities and Exchange Commission. The document states that the attack took place back in July 2020 and was initially successful, so that, as a result, a number of systems were encrypted. According to Mattel experts, they responded in a timely manner to what was happening.

“Promptly upon detection of the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems. Mattel contained the attack and, although some business functions were temporarily impacted, Mattel restored its operations,” — the company explained.

Although these attacks have recently ended not only with file encryption, but also with theft of company data, the toy manufacturer claims that the investigation conducted by cybersecurity forensics did not reveal any traces of theft of “confidential business data, data of retail customers, suppliers, consumers or employees.”

Also, such incidents often result in huge financial losses for the affected companies. We wrote that, for example, University of California paid more than million dollars of ransomware, and University of Utah paid attackers $457,000 of ransom. For example, the Norwegian energy company Norsk Hydro reported losses in the amount of at least $40 million as a result of the ransomware attack.

However, Mattel says the July incident “did not substantially affected [its] operations or financial condition.”