"Bose Reveals Ransomware Attack Impacting Staff"

Bose has told regulators that a sophisticated ransomware attack back in March led to unauthorized access of personal information on current and former employees.  The company first detected the ransomware back on March 7, 2021. However, nearly two months later, on April 29, it found that human resources files were accessed.  The personal information contained in these files includes names, Social Security Numbers, and compensation-related information.  The company stated that the forensics evidence shows that the threat actor interacted with a limited set of folders within these files. Bose does not have any evidence to confirm that the data in these files were successfully exfiltrated but cannot verify that they were not.  The company is engaged with third-party experts to scour the dark web for this data, to check if it is being actively used by cyber-criminals, and is also working with the FBI.  As of May 19th, the company has not received any indication through its monitoring activities or from impacted employees that the data discussed has been unlawfully disseminated, sold, or otherwise disclosed.  Only a small number of staff were affected, and the firm did not pay the ransom requested.  To mitigate the risk of a worse attack in the future, the organization has started putting into place enhanced anti-malware, logging, and monitoring, blocking malicious IPs linked to the threat actor, changing passwords for all end-users, and changing access keys for all service accounts.

Infosecurity reports: "Bose Reveals Ransomware Attack Impacting Staff"