Audio experts Bose suffered a ransomware attack earlier this year in March, according to an incident notification letter sent to New Hampshire's Office of the Attorney General, by a counsel on behalf of the company.
In the letter, accessed and shared by BleepingComputer, the counsel notes that during investigation of the cyber-incident, the company discovered that data related to six former employees was “accessed and potentially exfiltrated.”
Although the letter doesn’t mention the ransomware that was deployed, or the ransom demanded, it does refer to the incident as a sophisticated attack.
- Shield yourself with these best identity theft protection services
- Check our list of the best firewall apps and services
- These are the best endpoint protection tools
"We did not make any ransom payment," Bose Media Relations Director, Joanne Berthiaume told BleepingComputer, adding that "we recovered and secured our systems quickly with the support of third-party cybersecurity experts."
Playbook response
The counsel notes that the company engaged external cybersecurity experts to help the company investigate the incident.
Again without going into details, the letter notes that Bose first worked to regain control over its systems, before working with its own forensics experts to determine the data that was accessed during the attack.
Late in April, 2021, the company was able to determine that the attackers only got their hands on the human resource files of a half dozen former employees, including their name, social security numbers, and compensation-related information.
The company alerted these employees and claims to have even offered a yearly subscription to an identity protection service for free. Furthermore, it has retained experts to keep their eyes peeled for any signs of the leaked data surfacing on the dark web.
Strangely, the letter mentions that Bose “has been working with the US Federal Bureau of Investigation” but once again fails to mention in what capacity and to what end.
While Bose’ response to the incident is commendable, its extent feels at odds with the reported details of the attack.
In light of the recent ransomware attacks on Colonial Pipeline and on AXA, both of whom had to pay hefty ransoms to regain control of their network, we’re sure the cybersecurity community would appreciate if Bose would share more details about the ransomware variant that hit them and how it managed to cleanse it off its machines.
- Protect your devices with these best antivirus software
Via BleepingComputer
