Toy Maker Mattel Admits to Suffering a Ransomware Attack

Toy Maker Mattel Admits to Suffering a Ransomware Attack
Photo: Chris Jackson / Staff, Getty Images

Mattel, the maker of Barbie, Fisher-Price, and Hot Wheels toys, admitted that it suffered a ransomware attack on June 28, 2020. According to a 10-Q form filed with the Securities and Exchange Commission (SEC), the company said the attack “caused data on a number of systems to be encrypted.”

“Promptly upon detection of the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems. Mattel contained the attack and, although some business functions were temporarily impacted, Mattel restored its operations,” the company wrote.

The report is interesting precisely because the attack didn’t actually damage the company. Given that one single variant of the NetWalker ransomware nabbed $US25 ($35) million from victims this year while another infection effectively killed a patient in a German hospital, the fact that Mattel skirted real damage is encouraging and/or lucky.

This Ransomware Stole $US35 ($49) Million in 5 Months

A ransomware variant called NetWalker is doing surprisingly well, even in this economy. The malware, which takes computers hostage and asks for a Bitcoin ransom, raked in $US25 ($35) ($US35 ($49)) million in the last five months, a solid haul for what amounts to a solid ransomware-as-a-service platform.

Read more

“A forensic investigation of the incident has concluded, and no exfiltration of any sensitive business data or retail customer, supplier, consumer, or employee data was identified,” the company wrote. “There has been no material impact to Mattel’s operations or financial condition as a result of the incident.”

The U.S. saw 145.2 million ransomware attacks, a 139% increase year-over-year, according to security firm HelpNetSecurity. The most popular ransomware this year, Ryuk, attack 67.3 million machines alone, a massive number. A site called NoMoreRansom is aimed at helping companies like Mattel and others crack ransomware attacks before they become a real internal problem. Many, sadly, are beyond help without backups or lots of luck.

The Canon Ransomware Attack Probably More Costly Than the 70-200mm You Want

Just about a week after Canon rolled out a full-on cybersecurity toolkit for small businesses across the US, the fan-favourite camera company’s revealed that it’s suffered two pretty serious ransomware attacks that’ve resulted in at least 10 terabytes of company-wide data being held up for an undisclosed ransom.

Read more