Bose Corporation, a manufacturer of audio equipment, announced that it was a victim of data breach after it suffered a ransomware attack on March 7.
According to a breach notification letter filed by Bose, the company was the victim of a sophisticated cyberattack in which threat actors used ransomware to infect the company’s infrastructure.
On March 7, 2021, Bose discovered the malware on its US systems for the first time.
They started an incident response procedure as soon as they discovered the security breach, as well as an investigation into the incident.
The company did not provide any additional information about the attack, such as the ransomware group that infected its systems.
The ransomware operators were able to access and exfiltrate data from internal administrative human resources files relating to 6 former Bose Corporation employees in New Hampshire, according to the company.
Employee names, Social Security numbers, compensation information, and other HR-related information are among the data exposed.
To determine the scope of the attack and restore the impacted systems, the company hired external security and forensic experts.
They did not pay the ransom and, with the help of third-party cybersecurity experts, recovered the encrypted files from backups.
The audio company announced that it has taken additional steps to improve cybersecurity and prevent future attacks, including:
- Enhanced malware/ransomware protection on endpoints and servers to further enhance our protection against future malware/ransomware attacks.
- Performed detailed forensics analysis on impacted server to analyze the impact of the malware/ransomware.
- Blocked the malicious files used during the attack on endpoints to prevent further spread of the malware or data exfiltration attempt.
- Enhanced monitoring and logging to identify any future actions by the threat actor or similar types of attacks.
- Blocked newly identified malicious sites and IPs linked to this threat actor on external firewalls to prevent potential exfiltration.
- Changed passwords for all end users and privileged users.
- Changed access keys for all service accounts.
Bose sent data breach notification letters to victims affected by the ransomware attack on 19th May.
If employee information was also exfiltrated from Bose’s systems, depending on the ransomware gang behind the attack, the incident could result in a data breach.
Also read: Domino’s data breach: Users’ data available on dark web
You might also like: Air India Data Breach: Over 4.5 millions customers’ data impacted
You might also like: E-commerce giant Mercari data breach: several data exposed