Leading toy maker Mattel hit by ransomware
By Lawrence Abrams
Published: 2020-11-03 · Archived: 2026-04-05 13:13:07 UTC
Toy industry giant Mattel disclosed that they suffered a ransomware attack in July that impacted some of its business
functions but did not lead to data theft.
Mattel is the second-largest toymaker in the world with 24,000 employees and $5.7 billion in revenue for 2019. Mattel is
known for its popular brands, including Barbie, Hot Wheels, Fisher-Price, American Girl, and Thomas & Friends.
In a 10-Q form filed with the Securities and Exchange Commission (SEC), Mattel disclosed that it suffered a ransomware
attack on July 28th, 2020.
https://www.bleepingcomputer.com/news/security/leading-toy-maker-mattel-hit-by-ransomware/
Page 1 of 3

0:00
https://www.bleepingcomputer.com/news/security/leading-toy-maker-mattel-hit-by-ransomware/
Page 2 of 3

Visit Advertiser websiteGO TO PAGE
"On July 28, 2020, Mattel discovered that it was the victim of a ransomware attack on its information technology systems
that caused data on a number of systems to be encrypted. Promptly upon detection of the attack, Mattel began enacting its
response protocols and taking a series of measures to stop the attack and restore impacted systems. Mattel believes it has
contained the attack and, although some business functions were temporarily impacted, Mattel was able to restore its critical
operations.," the toymaker stated in their filing.
After conducting their investigation, Mattel does not believe that any data was stolen during the ransomware attack.
"A forensic investigation of the incident has concluded, and no exfiltration of any sensitive business data or retail customer,
supplier, consumer, or employee data was identified," Mattel further stated in their filing.
The filing does not indicate what ransomware operation was responsible for the attack, but a source told BleepingComputer
that Mattel suffered a TrickBot infection in July.
TrickBot infections are known to lead to network-wide compromises eventually followed by Ryuk or Conti ransomware
actors encrypting devices on the infiltrated network.
BleepingComputer contacted Mattel with further questions about the attack but has not heard back at this time.
Automated Pentesting Covers Only 1 of 6 Surfaces.
Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the
other.
This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic
questions for any tool evaluation.
Source: https://www.bleepingcomputer.com/news/security/leading-toy-maker-mattel-hit-by-ransomware/
https://www.bleepingcomputer.com/news/security/leading-toy-maker-mattel-hit-by-ransomware/
Page 3 of 3