In a letter to New Hampshire Attorney General John Formella, audio equipment company Bose revealed that it was hit with a ransomware attack[1] on March 7.
The letter does not say what kind of ransomware or identify which group was behind the attack, but it explains that the company "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across Bose's environment."
By April 29, Bose and forensic analysts determined that those behind the attack managed to access internal administrative human resources files that contained the social security numbers, addresses, and compensation information of some employees, including six people who live in New Hampshire.
The company said it could not confirm that the people behind the attack did not take files or information out of the system. It is unclear if a ransom was paid.
Bose is now working with a private company and the FBI to search the dark web for any leaked information but hasn't found any indication that its data has been leaked, according to the letter.
The company has now implemented "enhanced malware/ransomware protection" on endpoints and servers, blocked malicious files used during the attack, put in place monitoring tools to watch for subsequent attacks, and more.
The six employees living in New Hampshire were offered free identity protection services through IdentityForce for just 12 months while being told to "remain vigilant" and monitor their own accounts in a letter sent out to those affected on May 19.
Cybersecurity experts said the public notifications forced on companies hit with ransomware attacks were important as other organizations try to protect themselves from similar attacks.
Saryu Nayyar, CEO of Gurucul, commended Bose for publicly disclosing the attack but noted that the timeline of events the company described in the letter was problematic.
"It's