Technology Tips

June 12, 2021

Bose Is Latest Company To Have Employee Data Breached

Written By Securafy Team

Bose is the latest in an unending parade of major companies to disclose that they've been the victim of a ransomware attack.

In the company's breach notification letter, they indicated that they first detected the incursion on March 7th, 2021, with the attack itself having occurred on April 29th.

Additionally, as is quite common in these cases, the company indicated that they immediately began working with both law enforcement and a third-party cyber security agency to continue the investigation. According to the official notification, Bose did not pay the demanded ransom, and was able to restore their corporate network to full functionality with minimal disruption to the company's business operations.

In terms of scope and scale, the company identified a small number of individuals whose data was impacted and notified everyone who was affected by mail. Based on the forensic analysis, the company determined that the files accessed by the hackers contained personal information related to an unspecified number of current and former employees, including names, social security numbers, salary, and other HR-related information.

In the aftermath of the attack, Bose took the following steps to further bolster their security:

  • Enhanced malware/ransomware protection on endpoints and servers to further enhance our protection against future malware/ransomware attacks.
  • Performed detailed forensics analysis on impacted server to analyze the impact of the malware/ransomware.
  • Blocked the malicious files used during the attack on endpoints to prevent further spread of the malware or data exfiltration attempt.
  • Enhanced monitoring and logging to identify any future actions by the threat actor or similar types of attacks.
  • Blocked newly identified malicious sites and IPs linked to this threat actor on external firewalls to prevent potential exfiltration.
  • Changed passwords for all end-users and privileged users.
  • And changed access keys for all service accounts.

The bottom line is, although unfortunate, the company's handling of the incident has been commendable. We just hope that the day comes when there won't be quite so many stories like this one.

Picture of Securafy Team
About The Author
Our team at Securafy brings you the best tech tips, from how-to guides and troubleshooting advice to software reviews and productivity hacks. We're all about empowering businesses with the tools and knowledge they need to thrive in the digital world. Follow our posts to stay equipped with practical insights that make tech work for you.

Join the Conversation

Subscribe to our newsletter

Sign up for our FREE "Cyber Security Tip of the Week!" and always stay one step ahead of hackers and cyber-attacks.