When you were growing up, your parents probably bought you all sorts of toys made by Mattel. From Hotwheels to Barbie to the full line of Toy Story toys and more, Mattel is a global force in the world of toys.
In fact, they are the second largest toy maker in the world, with more than 24,000 employees and gross revenue of nearly six billion dollars in 2019.
On July 28th, 2020, the company’s network was successfully breached and a strain of ransomware deployed against them, which encrypted some of the company’s files and caused disruptions in the firm’s ongoing operations.
The company released an official disclosure about the incident which reads in part, as follows:
“On July 28, 2020, Mattel discovered that it was the victim of a ransomware attack on its information technology systems that caused data on a number of systems to be encrypted. Promptly upon detection of the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems. Mattel believes it has contained the attack and, although some business functions were temporarily impacted, Mattel was able to restore its critical operations.”
Part of the company’s response was to launch a forensic investigation in cooperation with law enforcement. That process has been completed, and based on its conclusion, Mattel updated their initial disclosure. It now says that it does not appear that any customer, supplier, consumer or employee data was exfiltrated by the hackers.
Of interest, neither the initial disclosure or the update gave any indication of the specific ransomware strain used, or the exact scale of the impact. Although there’s circumstantial evidence that suggests the strain in question was Trickbot.
Whatever the strain, the bottom line is that no customer data appears to have been stolen. So if you have an account on Mattel’s website, there’s nothing you need to do, except be aware that the attack occurred.