Audio equipment manufacturer Bose has notified the New Hampshire Office of the Attorney General of a “sophisticated cyber-incident that resulted in the deployment of malware/ransomware.” Bose discovered the incident on March 7th. Third party security experts were hired to restore affected systems and to determine whether any data had been accessed by attackers. With their assistance, no ransom was paid, and all systems have been recovered.
The notice from Bose stated, “During our investigation, we identified a very small number of individuals whose data was impacted, and we sent notices to them directly in accordance with our legal requirements.”
On April 29th, Bose determined that the attackers had been able to access a number of spreadsheets maintained by HR that contained current and former employees’ personal information. Names, Social Security numbers compensation and other information was made available in the spreadsheets. By May 19th, Bose had notified all individuals whose data had been accessed. Bose has also worked with third parties to monitor for any leaked data, though none has been found.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security