Home > Cyber News > Employee Data Leakage During Bose Ransomware Attack

Employee Data Leakage During Bose Ransomware Attack

The American manufacturing company Bose has admitted that a ransomware attack hit their systems. The attack was accompanied by a data breach. This sophisticated cyber incident was first detected by the company on March 7, 2021.

bose ransomware attack employees data leakage

According to an official letter sent by the company to the Attorney General Office in New Hampshire, Bose initiated a comprehensive process for hardening the security of their systems. They started an investigation of the incident immediately after they noted the attack.

External security experts have been hired for the recovery of the impacted systems by the audio maker. On April 29th, it was clear that hackers might have accessed a small number of internal spreadsheets.

As reported, the spreadsheets contain information on current and former employees. Obtained files store data about the workers’ names, social security numbers, and compensation info.

Recent examples of companies hit by ransomware include the Japanese tech company Toshiba which fell victim to the DarkSide ransomware as well as the AXA Cyberinsuarance Company hit by Avaddon Ransomware.

Bose Ransomware Attack – Security Measures Taken

After the ransomware attack, Bose took the following measures to defend corporate systems against future incidents:

  • Enhanced malware/ransomware protection on endpoints and servers to further enhance our protection against future malware/ransomware attacks.
  • Performed detailed forensics analysis on the impacted server to analyze the impact of the malware/ransomware.
  • Blocked the malicious files used during the attack on endpoints to prevent further spread of the malware or data exfiltration attempt.
  • Enhanced monitoring and logging to identify any future actions by the threat actor or similar types of attacks.
  • Blocked newly identified malicious sites and IPs linked to this threat actor on external firewalls to prevent potential exfiltration.
  • Changed passwords for all end-users and privileged users.
  • Changed access keys for all service accounts.

On May 19th the company also sent notification letters about the breach to all individuals impacted by the incident.

Gergana Ivanova

Highly motivated writer with 5+ years of experience writing for ransomware, malware, adware, PUPs, and other cybersecurity-related issues. As a writer, I strive to create content that is based on thorough technical research. I find joy in the process of creating articles that are easy to understand, informative, and useful. Follow me on Twitter (@IRGergana) for the latest in the field of computer, mobile, and online security.

More Posts

Follow Me:
Google Plus

Leave a Comment

Your email address will not be published. Required fields are marked *

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share