Mattel’s Response to Ransomware was as swift as Buzz Lightyear. When you were growing up, your parents probably bought you all sorts of toys made by Mattel. From Hotwheels to Barbie to the full line of Toy Story toys and more, Mattel is a global force in the world of toys.
Mattel is the second-largest toymaker globally, with more than 24,000 employees and gross revenue of nearly six billion dollars in 2019.
On July 28th, 2020, Mattel’s network experienced a breach. A ransomware strain deploys against them, which encrypted some of the company’s files and caused disruptions in the firm’s ongoing operations.
Mattel’s official response to ransomware, which reads in part, as follows:
“On July 28th, 2020, Mattel discovered that it was the victim of a ransomware attack on its information technology systems that caused data on several systems to be encrypted. Promptly upon detecting the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems. Mattel believes it has contained the attack and, although there were impacts on some business functions, Mattel was able to restore its critical operations.”
Part of Mattel’s response was to launch a forensic investigation in cooperation with law enforcement. With the completion of the process, and based on its conclusion, Mattel updated their initial reaction. It now says that it does not appear that the hackers exfiltrated any customer, supplier, consumer, or employee data.
Of interest, neither Mattel’s initial response nor the update indicated the specific ransomware strain used or the impact’s exact scale. Although there’s circumstantial evidence that suggests the strain in question was Trickbot.
Whatever the strain, the bottom line is that no customer data appears to have been stolen. So if you have an account on Mattel’s website, there’s nothing you need to do except be aware that the attack occurred.
