This year has been the most challenging for businesses and technology companies because ransomware attacks and all sorts of cybercrimes are at their peak. Recently, audio equipment manufacturer, Bose confirmed that it has experienced a sophisticated ransomware attack and the attackers might have exposed some employee data as well, according to a report by cybersecurity website- Bleeping Computer.
According to sources, Bose has also filed an official letter to the New Hampshire’s Office of Attorney General notifying about the ransomware/malware attack.
According to a report by Engadget, Bose claims that they first experienced a ransomware attack back on March 7th and immediately took action to contain the attack to avoid any data breach with the help of security experts and technical staff members. The company then confirms that they had successfully contained the ransomware attack and there was no notification of any data exposure whatsoever. However, on the 29th of April, Bose discovered that the attackers may have had access to some of the company’s internal spreadsheets that contained employee data and information of current and former employees. As mentioned in the report, the files contained names of the employees along with their phone numbers, compensation information and social security numbers.
Ransomware attack turns out to be serious for the company because data breach in form can be very dangerous to the company in many ways. Bose admitted that the attackers might have had access to a limited set of folders but there was no way to find out which data had been exposed and leaked. According to the report by Bleeping Computer, Bose has no notification or indication of the exposed data being sold, unlawfully dissipated or otherwise disclosed anywhere, including the dark web. The company has hired technical experts to browse the dark web for any related data but fortunately, no signs of exposed data have been found till today.
Bose confirms to Bleeping Computers that no ransomware money has been paid to the attackers.
For future-proofing any ransomware attacks, Bose is employing multiple safeguards including advanced ransomware and malware protections on endpoints of their systems. The company has changed all access keys, passwords and has even blocked all malicious files used in the attack. These measures are more likely to protect the company from future attacks.
Other than this, fuel supplier- Colonial, Acer and US Health Services have been recent targets of ransomware groups this year and this sort of cybercrime is increasing strongly every day, so every company must keep all tabs in check. It’s better to be safe than to leak tons of user data online.