Another victim of a ransomware attack has surfaced online. The latest target is the audio devices giant Bose that has admitted a ransomware attack. The firm confirmed that the incident did expose some employee data to the attackers.
Bose Suffered Ransomware Attack
Bose is an American audio equipment firm known for its headphones and speakers. But now, it has made it to the news for a ransomware attack that also affected some Bose employees.
Reportedly, Bose Corporation has filed an incident notification letter to the Office of the Attorney General, New Hampshire.
In that, they have elaborated on the cyberattack that the firm first noticed on March 7, 2021. Soon after this finding, the company worked out to contain the attack and began investigating the matter whilst involving third-party experts.
Eventually, their careful strategy helped them bring the systems back online. After that, they investigated for a potential data breach which revealed that the incident did expose the files having the data of some former employees. As stated,
During this investigation, on April 29, 2021, Bose discovered that data from internal administrative human resources files relating to 6 former New Hampshire employees of Bose Corporation was accessed and potentially exfiltrated. The personal information contained in these files include name, Social Security Number, and compensation-related information.
While their investigations hint about limited interaction of the attackers to the data. Yet, they do not rule out the possibility of data exfiltration during this ransomware attack.
Bose Refused To Pay Ransom
Following the incident, the company took several measures to strengthen its IT security. They also reset the passwords for all user accounts out of caution.
Bose hasn’t stated anything about the ransomware or the ransom payments in the letter. Yet, they confirmed no such payments in their statement to Bleeping Computer. As Joanne Berthiaume, Media Relations Director, Bose, told,
We did not make any ransom payment.
We recovered and secured our systems quickly with the support of third-party cybersecurity experts.
It presently remains unclear about who the attackers were and how they managed to infiltrate Bose network. Nor is anything about data exfiltration known yet.