Image courtesy: Techradar
The USA based company Bose recently disclosed about the occurence of a data breach in their system in early March. The attackers gained access to some of the employees’ personal information. The information accessed included the employees’ names, Social Security numbers, and compensation information.
Around mid-May, a breach notification letter was filed with the New Hampshire Attorney General’s Office. When the breach was discovered, the company launched an incident response protocol.
The company initiated incident response protocols to restore the impacted systems. Another ransomware attack on Colonial Pipeline earlier this month forced the shutdown of the largest oil pipeline in the eastern United States.
According to the company’s breach notification letter, Bose discovered the attack on March 7. Data from internal administrative human resources files pertaining to six former New Hampshire employees were accessed and potentially exfiltrated by the company.
When the breach was discovered, Bose dispatched a technical team to contain the situation. To investigate the attack, the company also collaborated with external forensics providers. According to Bose’s letter, the threat actors interacted with a limited set of folders and the systems were restored.
Bose responsibly availed its employees a year of identity protection services.