Bose, a manufacturer of audio equipment, has disclosed that it has been the victim of a ransomware attack. According to the data breach notice, the attackers compromised the network with ransomware and obtained sensitive employee information.
The attack was initially identified on March 7, according to the notification filed with the Consumer Protection Bureau of New Hampshire on May 19.
The technical team at Bose got to work quickly to limit the intrusion and block the hackers from taking critical data off the network.
On April 29, with the help of forensic specialists, Bose discovered that the cyber attackers were only able to acquire “a limited set of” employee data.
The attackers accessed human resources documents containing the addresses, Social Security numbers, and payment details of six employees. The workers are known to be New Hampshire residents.
Bose is currently working with the FBI and a private firm to search the dark web for leaked data but has uncovered no evidence that the data has been exposed.
The company has already implemented “enhanced malware/ransomware protection” on terminals and servers, blocked the malicious files used in the incident, and set up monitoring tools to watch for future attacks, among other things.
In a letter sent to the six workers impacted by the cyberattack, Bose offers them 1 year of free identity protection services via IdentityForce. They are also advised to check their accounts and “remain vigilant”.
Bose also hired a dark web surveillance company. This has become a regular procedure, because ransomware attackers use dark web leak websites to post stolen information and build up pressure on victims to pay.
Moreover, data that might be useful to other malicious users is frequently sold and published on hacker forums.
On a positive note, no proof of efforts to sell or publish the compromised data has been found by Bose or its monitoring provider. In addition, no user or partner information was obtained as a result of the cybersecurity incident.
Furthermore, Bose did not make a ransom payment. Refusing to pay reduces the incentive for more attacks in the future. Also, there is no assurance that attackers who promise to recover encrypted information or delete stolen data will follow through.
As other businesses strive to defend themselves against cybersecurity incidents, cybersecurity analysts say the public notices required of businesses struck by ransomware attacks are critical.