American toy maker Hasbro has been hit by a cyberattack that forced parts of its systems offline.
Hasbro said in a Securities and Exchange Commission (SEC) filing that the incident could take weeks to resolve, potentially resulting in a prolonged operational impact. The attack, first detected on Mar. 28, prompted the company to shut down parts of its networks and activate incident response and business continuity measures.
Handling a breach with a potentially long recovery time
So far, those responsible seem not to have made any demands, as is typical of cyberattacks targeting large companies.
According to TechCrunch, the company, through spokesperson Andrea Synder, has declined to speak on the scope of the attack or its motive, instead offering reassuring statements about how it is handling the situation. Snyder said that Hasbro had “taken swift action to protect our systems and data” immediately after spotting the intrusion.
While the company didn’t disclose the scope of the breach, its public notice to investors hinted at what it could entail.
In the notice, the company reiterated that it has begun work on the containment process but warned that it could take weeks to be fully resolved. By immediately taking down parts of its networks, including shutting down its website for “maintenance,” it suggests that the attack could be serious, which is common for a company of its size.
TechCrunch reports that the company has over 5,000 employees. It also holds Intellectual Property (IP) rights to several toy, game, and consumer brands, including Monopoly, My Little Pony, and Transformers.
For a company this big, even a temporary systems disruption can snowball across multiple supply chains, digital services, and internal operations.
What the coming weeks could look like
The company also said it is currently working with external cybersecurity professionals while it continues to “implement measures to secure its business operations.” As of publication date, its corporate website is still down with this message showing on the screen:
“This site is currently undergoing maintenance. Sorry for the inconvenience. Please, come back later.”
Reassuring the public, the company said that despite the attack, its business operations will continue and that plans are in place to allow it to “take orders, ship product and conduct other key operations while it resolves this situation.”
With weeks to resolve the situation, we expect Hasbro to finalize its investigations, publish more findings, and restore and reinforce its affected systems to prevent re-entry. The company has also said it can’t currently determine whether any data has been affected.
As a result, users and vendors associated with the company and its brands are advised to stay up to date on any new information about data theft and remain alert to phishing attempts.
In a separate incident, researchers warn that hackers are now using WhatsApp messages to deliver malware to Windows PCs, relying on deceptive attachments and multi-stage attack chains to quietly gain access to systems.
