Bose Ransomware Attack Exposed Employees’ Data Including Social Security Number, Company Discloses

Bose initiated incident response protocols to restore the impacted systems.

  • Bose offered 12 months of identity protection services to the employees
  • Bose said the threat actors interacted with a limited set of folders
  • Colonial Pipeline was also forced to halt its operations

Upon detecting the breach, Bose employed its technical team to contain the incident

Bose disclosed that the US-based company has been subject to a data breach following a ransomware attack in early March. Some of the employees' information was accessed by the attackers. The premium audio equipment maker filed a breach notification letter with New Hampshire's Office of the Attorney General around mid-May. Upon discovering the breach, the company initiated incident response protocols to restore the impacted systems. Bose also took a series of measures to protect itself from future attacks. Another ransomware attack on Colonial Pipeline had recently forced the shutdown of the largest oil pipeline in the eastern US earlier this month.

According to a breach notification letter from the company, Bose first discovered the attack on March 7. The company's data from internal administrative human resources files relating to six former New Hampshire employees were accessed and potentially exfiltrated. The accessed information included the employees' name, Social Security Number, and compensation-related information.

Upon detecting the breach, Bose employed its technical team to contain the incident. The company also worked with external forensics providers to investigate the attack. Bose said in the letter that the threat actors interacted with a limited set of folders and the systems have been restored.

Bose offered 12 months of identity protection services to the affected employees.

To defend itself from future cyberattacks, Bose detailed the following measures in its letter:

  • Enhanced malware/ ransomware protection on endpoints and servers to further enhance our protection against future malware/ ransomware attacks.
  • Performed detailed forensics analysis on impacted server to analyse the impact of the malware/ ransomware.
  • Blocked the malicious files used during the attack on endpoints to prevent further spread of the malware or data exfiltration attempt.
  • Enhanced monitoring and logging to identify any future actions by the threat actor or similar types of attacks.
  • Blocked newly identified malicious sites and IPs linked to this threat actor on external firewalls to prevent potential exfiltration.
  • Changed passwords for all end-users and privileged users.
  • Changed access keys for all service accounts.

The largest fuel network in the eastern US, Colonial Pipeline, was also forced to halt its operation earlier this month following a ransomware attack. The company paid $4.4 million (roughly Rs. 32.19 crores) in ransom to hackers following the attack.

It's Google I/O time this week on Orbital, the Gadgets 360 podcast, as we discuss Android 12, Wear OS, and more. Later (starting at 27:29), we jump over to Army of the Dead, Zack Snyder's Netflix zombie heist movie. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Email Jasmin Jose
Jasmin Jose is a sub-editor at Gadgets 360. She has directed investigative documentaries, PSAs, and video feat... more

Related Stories

Tech News in Hindi »

Popular Brands
#Trending Stories
  1. Windows 11 May Come as Free Upgrade for Windows 7, Windows 8.1 Users
  2. How to Transfer Your PUBG Mobile Data to Battlegrounds Mobile India
  3. Battlegrounds Mobile India Brings Back PUBG Mobile With Green Blood
  4. Call of Duty: Warzone, Black Ops Cold War Getting Season 4 on June 17
  5. PUBG Mobile's India Avatar Battlegrounds Made Available for Beta Testers
  6. Battlegrounds Mobile India Will Likely Require OTP Authentication to Log In
  7. OnePlus Announces Merger With Oppo to Develop ‘Even Better Products’
  8. Watch: Apple CEO Tim Cook Says Android Has 47 Times More Malware Than iOS
  9. Loki Episode 2: Sophia Di Martino’s Loki Variant, Explained
  10. Vivo V21e 5G Specifications Tipped via Leaked Poster Ahead of Launch
#Latest Stories
  1. Airtel Brings Rs. 456 Prepaid Recharge Plan With 50GB Data, Unlimited Calls to Compete With Jio’s Rs. 447 Pack
  2. Motorola Edge Berlin, Berlin NA, Kyoto, Pstar Specifications Tipped; Could Be Motorola Edge, Edge+ Successors
  3. Leica Leitz Phone 1 With 1-Inch Camera Sensor Launched: Price, Specifications
  4. Kernel Helmet That Is Claimed to Read Human Mind Starts Shipping for $50,000 in US
  5. Slack Getting Scheduled Send Message Feature, Users Can Now Set Custom Date, Time for Messages
  6. Vivo Y12a Tipped to Be in the Works as Rebadged Vivo 12s (2021), Specifications Surface Online
  7. US Tech Giants Must Open Local Offices in Russia or Face Punitive Measures, New Legislation States
  8. Bitcoin Will Touch $250,000 by 2022-End: Billionaire Tim Draper Stays Bullish Despite Recent Dip
  9. Dell Inspiron 14 2-In-1, Inspiron 15, Inspiron 13 Laptops Launched in India: Price, Specifications
  10. OnePlus Nord CE 5G Receiving OxygenOS in India With May 2021 Security Patch, Camera Improvements
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2021. All rights reserved.