Friday, November 6th, 2020

Happy Friday, readers! This week marks the beginning of November, and what some claim to be the official Christmas season. 

In the spirit of Christmas, the lists of presents and preparations for the holiday are already underway. Children prepare their lists for Santa, and family members begin the hunt for the perfect gift. 

Speaking of gifts, the topic of this week’s cyber attack of the week is toy giant, Mattel. Instead of the upcoming Christmas season being their number one priority, dealing with a ransomware attack takes precedent. 



To begin, Mattel is a household name when it comes to toys. Like many others, I grew up with some of their products like Barbies, American Girl dolls, Fisher-Price items, and many others. 

Further, since the company is such a household name, that makes it a huge target for attackers. To elaborate, with a large consumer base, comes a plethora of personal and payment information to manage. 

And this, is what attackers are looking for when plotting an attack, and choosing a target.


The Attack

Now that we have a little more background information on Mattel, let’s take a look at the attack. To begin, the attack is not as recent as one may think. 

The report of the attack dates back to July of 2020. The discovery of such an attack made headlines when Mattel recently filed with the SEC or Securities and Exchange Commission.

Further, the company filed a 10-Q form regarding the ransomware attack, thus bringing attention to the attack on July 28th, 2020. 

In Mattel’s statement regarding the attack, they touch on the type of attack, timeline and response. 


“On July 28, 2020, Mattel discovered that it was the victim of a ransomware attack on its information technology systems that caused data on a number of systems to be encrypted. Promptly upon detection of the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems. Mattel believes it has contained the attack and, although some business functions were temporarily impacted, Mattel was able to restore its critical operations.”


Aftermath for Mattel

Following the attack, Mattel took action and enlisted the help of cyber forensic experts. Further, the company claims that no data fell victim in the attack and remains secure.

Continuing, it most likely goes without saying that cyber security policies and procedures will be under scrutiny. 

Many continue to speculate on the source of the ransomware and officially confirm the attack. But at this point, only time will tell. 

Hopefully, the company does not discover later that data was in fact stolen or compromised during the attack, and continues to implement cyber security. 


By Taylor Ritchey