Image: Chris Delemas/AFP/Getty Images
Hasbro is investigating a cyberattack that forced systems offline, warning recovery could take weeks as it works to contain the incident and assess the impact.
American toy maker Hasbro has been hit by a cyberattack that forced parts of its systems offline.
Hasbro said in a Securities and Exchange Commission (SEC) filing that the incident could take weeks to resolve, potentially resulting in a prolonged operational impact. The attack, first detected on Mar. 28, prompted the company to shut down parts of its networks and activate incident response and business continuity measures.
So far, those responsible seem not to have made any demands, as is typical of cyberattacks targeting large companies.
According to TechCrunch, the company, through spokesperson Andrea Synder, has declined to speak on the scope of the attack or its motive, instead offering reassuring statements about how it is handling the situation. Snyder said that Hasbro had “taken swift action to protect our systems and data” immediately after spotting the intrusion.
While the company didn’t disclose the scope of the breach, its public notice to investors hinted at what it could entail.
In the notice, the company reiterated that it has begun work on the containment process but warned that it could take weeks to be fully resolved. By immediately taking down parts of its networks, including shutting down its website for “maintenance,” it suggests that the attack could be serious, which is common for a company of its size.
TechCrunch reports that the company has over 5,000 employees. It also holds Intellectual Property (IP) rights to several toy, game, and consumer brands, including Monopoly, My Little Pony, and Transformers.
For a company this big, even a temporary systems disruption can snowball across multiple supply chains, digital services, and internal operations.
The company also said it is currently working with external cybersecurity professionals while it continues to “implement measures to secure its business operations.” As of publication date, its corporate website is still down with this message showing on the screen:
“This site is currently undergoing maintenance. Sorry for the inconvenience. Please, come back later.”
Reassuring the public, the company said that despite the attack, its business operations will continue and that plans are in place to allow it to “take orders, ship product and conduct other key operations while it resolves this situation.”
With weeks to resolve the situation, we expect Hasbro to finalize its investigations, publish more findings, and restore and reinforce its affected systems to prevent re-entry. The company has also said it can’t currently determine whether any data has been affected.
As a result, users and vendors associated with the company and its brands are advised to stay up to date on any new information about data theft and remain alert to phishing attempts.
In a separate incident, researchers warn that hackers are now using WhatsApp messages to deliver malware to Windows PCs, relying on deceptive attachments and multi-stage attack chains to quietly gain access to systems.
Joseph is a Technical Writer with about 3 years of experience in the industry, also advancing a career in cyber threat intelligence. He is passionate about the responsible use of technology, a passion that led him into cybersecurity. As an undergrad, he leads a novel community of technology enthusiasts at his school, NOUN, where he guides and shares resources for beginners in tech. His writing experience includes writing on a diverse range of topics, from consumer tech to startups and tutorials. Additionally, he periodically shares case studies and research reports on cybersecurity on his social media pages.
