Bose admits ransomware attack exposed employee data

Hackers managed to obtain HR data including "compensation-related information" during the March attack

Bose has confirmed that it experienced a data breach after falling victim to a ransomware attack in early March.

The audio equipment manufacturer admitted to the incident in a letter sent to the office of the Attorney General at the New Hampshire Consumer Protection Bureau last week. In the filing, the company's legal representative said that Bose had "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across [its] environment". The incident is only known to have affected Bose's US systems.

"Immediately upon discovering the attack on March 7, Bose initiated incident response protocols, activated its technical team to contain the incident, and hardened its defenses against unauthorized activity," the letter continued.

In late April, the company's investigation found that hackers managed to obtain HR data "relating to six former New Hampshire employees", including "name, Social Security Number, and compensation-related information".

Although Bose's investigators could not find "evidence to confirm that the data contained in these files was successfully exfiltrated", the company was also "unable to confirm that it was not".

According to Bose's representative, the company has taken steps to further investigate the data breach by cooperating with the FBI as well as employing "experts to monitor the dark web for any indications of leaked data".

The company has also sought to reduce the chances of a future cyber attack by enhancing its server and endpoint security, performing "detailed forensics analysis on the impacted server to analyse the impact of the malware/ransomware", and implementing "enhanced monitoring and logging to identify any future actions by the threat actor or similar types of attacks".

It also confirmed that the malicious files used during the attack, as well as "newly identified malicious sites and IPs linked to this threat actor", had been blocked.

Bose Media Relations Director Joanne Berthiaume told IT Pro that the company had not made "any ransom payment".

The identity of the hackers is not known, but the incident follows in the footsteps of several other recent high-profile ransomware attacks that targeted Colonial Pipeline, as well as the Irish and New Zealand health services.
