Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceCybersecurity News

Toy manufacturer Mattel suffers ransomware attack

By Maria Henriquez
ransomware
November 6, 2020

In its quarterly report, toy maker Mattel announced it was the victim of a ransomware attack on its information technology systems that caused data on a number of systems to be encrypted  in July 2020.

According to the report, Mattel contained the attack and, although some business functions were temporarily impacted, it restored its operations. A forensic investigation of the incident has concluded, and no exfiltration of any sensitive business data or retail customer, supplier, consumer, or employee data was identified, the company explained. The company noted there has been no material impact to Mattel's operations or financial condition as a result of the incident.

Ivan Righi, Cyber Threat Intelligence Analyst at Digital Shadows, a San Francisco-based provider of digital risk protection solutions, explains: “Threat actors targeted Mattel with an unnamed ransomware variant, which impacted some of its business functions in July 2020. However, the company stated that attackers did not exfiltrate any data. This incident highlights the continued threat of ransomware for large organizations. Ransomware threats have evolved from leveraging standard data encryption methods to include data exfiltration and exposure components. We have seen the creation of multiple ransomware variants and data leak sites every month, and this trend is likely to continue due to the high popularity of ransomware and ransomware-as-a-service (RaaS) variants. Attacks have become more targeted, and ransom payments have become higher, often reaching values between USD 3-10 million for large companies."

Righi adds, "Ransomware threats for companies often include lengthy downtime, data exposure, legal complications, and brand damage. Organizations within critical sectors, such as healthcare, are more directly affected by threats of downtime. Simultaneously, large technology companies are often more focused on data exposure components, although the multifaceted threats pose a high risk to all organizations. Primary attack vectors for ransomware include weaponized attachments sent via phishing emails and the targeting of Remote Desktop Protocol (RDP). Organizations should restrict RDP behind an RDP Gateway and enable Network Level Authentication if RDP is required to be internet-facing. Additionally, organizations should develop robust patch management policies and promote security awareness programs to train employees to identify suspicious emails and report them to the appropriate security teams.”

Brandon Hoffman, Chief Information Security Officer at Netenrich, a San Jose, Calif.-based provider of IT, cloud, and cybersecurity operations and services, does not believe that the targeting of Mattel specifically was any indicator of a new campaign. Instead, he believes it was most likely because they were victimized recently and many times cybercriminals go back to successful campaigns and try for another round.

"It is clear to everybody the big bet this year, and likely again next year, is ransomware. Ransomware is relatively easy to deploy and can pay off in a major way. With the holiday season upon us, there should be expectations that ransomware campaigns will increase again. Most retailers depend heavily on online business and adversaries view this as an opportunity to “hit them where it hurts”. Meaning if they can cripple systems during Black Friday, Cyber Monday, or other large shopping related events, organizations may be more willing to pay and get systems back online. It’s a matter of lost revenue for service availability versus the cost of the ransom," says Hoffman. "The best thing organizations can do is ensure security fundamentals are functional as to avoid the likelihood of ransomware because even after paying the ransom we have seen cases where recovery has been slow or not effect in totality.”

KEYWORDS: cyber security data breach ransomware risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Top Cybersecurity Leaders
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Columns
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Broken wet floor sign

Why Response Time Is Becoming the Missing Metric in Workplace Safety and Security

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Medical professional

Nearly 85% of Nurses Experienced Workplace Violence in the Last Year

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • ransomware - cyber

    Kia Motors allegedly suffers ransomware attack; cybercriminals demand $20 million to recover sensitive data

    See More
  • ransomware-enews

    Toll Group Suffers Ransomware Attack Again

    See More
  • Unprepared Companies Vulnerable to Ransomware Attacks

    ​Canon suffers ransomware attack that impacts numerous services

    See More

Related Products

See More Products
  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing