The Bosé Ransomware
The leading audio-tech vendor Bosé has revealed that a ransomware attack has hit its network and resulted in a suspected exfiltration of employee data.
According to a letter sent by the company to the Attorney General Office in New Hampshire, the attack started on 7th of March, but it was handled with a successful incident response procedure. The letter didn’t specify the exact amount of the ransom that the attackers demanded from the company. However, Bose’s spokesperson told the media that Bosé refrained from paying and instead used its own resources to recover control of its affected networks.
As per the available details, Bosé initiated processes for incident response, which enabled its technical staff to handle the incident properly and strengthen the company’s defenses against unauthorized activity.
Following the attack, Bosé has further begun an extensive investigative procedure with competent third-party forensic service providers. Due to the complexity of this assault, the audio-tech vendor worked with its cyber-experts methodically to securely return their systems online.
Research details reveal that the attackers have had access to the names, Social Security numbers and salary-related data of six former Bosé employees, however, there is lack of evidence that this data has been exfiltrated. According to the letter, the forensics analysis only indicates that a malicious actor has interacted with a limited number of files.
After the incident, Bosé has been working closely with professionals who have been engaged to monitor the Dark Web for any indications of leaked company data. The company reported that all employees affected by the data-breach incident, which was detected on 29th of April, have been informed.
By 19th of May 2021, the company has not received any indications from its own monitoring process or the affected employees that the data mentioned above was illegally distributed, sold or publicly disclosed.