# Steelcase furniture giant hit by Ryuk ransomware attack **[bleepingcomputer.com/news/security/steelcase-furniture-giant-hit-by-ryuk-ransomware-attack/](https://www.bleepingcomputer.com/news/security/steelcase-furniture-giant-hit-by-ryuk-ransomware-attack/)** Lawrence Abrams By [Lawrence Abrams](https://www.bleepingcomputer.com/author/lawrence-abrams/) October 27, 2020 12:30 PM 0 Office furniture giant Steelcase has suffered a ransomware attack that forced them to shut down their network to contain the attack's spread. Steelcase is the largest office furniture manufacturer globally, with 13,000 employees and $3.7 billion in 2020. ## Steelcase suffers a Ryuk ransomware attack In an 8-K form filed with the Securities and Exchange Commission (SEC), Steelcase has disclosed that they were the victim of a cyberattack on October 22nd, 2020. On October 22, 2020, Steelcase Inc. (the “Company”) detected a cyberattack on its information technology systems. The Company promptly implemented a series of containment measures to address this situation including temporarily shutting down the affected systems and related operations. ----- The Company is actively engaged in restoring the affected systems and returning to normal levels of operations. At this time, the Company is not aware of any data loss from its systems or any other loss of assets as a result of this attack. Although cyberattacks can be unpredictable, the Company does not currently expect this incident will have a material impact on its business operations or its financial results. BleepingComputer has been actively tracking this attack after a source in the cybersecurity industry told us last week that Steelcase suffered a Ryuk ransomware attack. We were told that Steelcase's devices were encrypted by Ryuk after first being targeted by [the same group behind the recent attack on Sopra Steria and](https://www.bleepingcomputer.com/news/security/french-it-giant-sopra-steria-hit-by-ryuk-ransomware/) [Universal Health Services.](https://www.bleepingcomputer.com/news/security/uhs-hospitals-hit-by-reported-country-wide-ryuk-ransomware-attack/) If you have first-hand information about this or other unreported cyberattacks, you can [confidentially contact us on Signal at +16469613731 or on Wire at @lawrenceabrams-bc.](http://10.10.0.46/tel:+16469613731) Those attacks utilized either the BazarLoader or TrickBot infections, which ultimately provide remote access to the Ryuk Ransomware threat actors, who then compromise the [rest of the network and deploy Ryuk.](https://www.bleepingcomputer.com/news/security/bazarloader-used-to-deploy-ryuk-ransomware-on-high-value-targets/) **BazarBackdoor attack flow** Source: [Advanced Intel](https://www.advanced-intel.com/) It is unknown how many devices were encrypted or if business operations were impacted other than the shutting down of the network. BleepingComputer has contacted Steelcase with further questions but has not heard back. ### Related Articles: [Luxury fashion house Zegna confirms August ransomware attack](https://www.bleepingcomputer.com/news/security/luxury-fashion-house-zegna-confirms-august-ransomware-attack/) [Costa Rica declares national emergency after Conti ransomware attacks](https://www.bleepingcomputer.com/news/security/costa-rica-declares-national-emergency-after-conti-ransomware-attacks/) ----- [New Black Basta ransomware springs into action with a dozen breaches](https://www.bleepingcomputer.com/news/security/new-black-basta-ransomware-springs-into-action-with-a-dozen-breaches/) [American Dental Association hit by new Black Basta ransomware](https://www.bleepingcomputer.com/news/security/american-dental-association-hit-by-new-black-basta-ransomware/) [Wind turbine firm Nordex hit by Conti ransomware attack](https://www.bleepingcomputer.com/news/security/wind-turbine-firm-nordex-hit-by-conti-ransomware-attack/) [Cyberattack](https://www.bleepingcomputer.com/tag/cyberattack/) [Ransomware](https://www.bleepingcomputer.com/tag/ransomware/) [Ryuk](https://www.bleepingcomputer.com/tag/ryuk/) [SEC](https://www.bleepingcomputer.com/tag/sec/) [Steelcase](https://www.bleepingcomputer.com/tag/steelcase/) [Lawrence Abrams](https://www.bleepingcomputer.com/author/lawrence-abrams/) Lawrence Abrams is the owner and Editor in Chief of BleepingComputer.com. Lawrence's area of expertise includes Windows, malware removal, and computer forensics. Lawrence Abrams is a co-author of the Winternals Defragmentation, Recovery, and Administration Field Guide and the technical editor for Rootkits for Dummies. [Previous Article](https://www.bleepingcomputer.com/news/security/fbi-hackers-stole-government-source-code-via-sonarqube-instances/) [Next Article](https://www.bleepingcomputer.com/news/security/enel-group-hit-by-ransomware-again-netwalker-demands-14-million/) Post a Comment [Community Rules](https://www.bleepingcomputer.com/posting-guidelines/) You need to login in order to post a comment [Not a member yet? Register Now](https://www.bleepingcomputer.com/forums/index.php?app=core&module=global§ion=register) ### You may also like: -----