"Toy Maker JAKKS Pacific Victimized by a Second Cybergang"

The toy manufacturer JAKKS Pacific, based in the US, has joined a growing list of corporations that have suffered ransomware attacks. In early December, threat actors hacked the manufacturer of Super Mario, Sonic, Disney Princess, and other toys. On December 8, 2022, malicious actors inserted ransomware into JAKKS Pacific's computer network and locked its servers. At the time, JAKKS Pacific suspected that threat actors had gained access to personal information, including names, email addresses, home addresses, taxpayer identification numbers, and banking information. The company stated that both individuals and businesses were impacted by the breach, indicating that the attack affected a large number of clients. The Russia-linked Hive ransomware gang was the first to put the company on its leak site, a darknet website where cybercriminals list their most recent victims. Hive claims they encrypted the company's data on December 8, which coincides with the cyberattack information provided by the company's statement. The attack was made public by Hive on December 20. BlackCat (ALPHV) added JAKKS Pacific to their leak site eight days later. They allegedly attached a snapshot of the stolen data, highlighting secret documents and Non-Disclosure Agreements (NDAs). For the purpose of pressuring the business into paying the ransom, threat actors may share or sell the information. Reposting the data may also indicate that the attackers are affiliated with multiple ransomware cartels. Recent studies indicate that this is a prevalent practice. The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) published a notification stating that Hive ransomware is one of the leading threats to US firms, having extorted nearly $100 million from over 1,300 businesses globally. This article continues to discuss the recent ransomware attack on JAKKS Pacific. 

Cybernews reports "Toy Maker JAKKS Pacific Victimized by a Second Cybergang"