Hasbro hit by major cyberattack — toymaker confirms 'unfortunate incident' takes down some parts of its websites

News
By published

Hasbro is still running, but some websites are down

Star Wars The Vintage Collection The Mandalorian and Grogu figure
(Image credit: Hasbro)
  • Hasbro confirms cyberattack forcing temporary IT shutdown and containment measures
  • Investigation ongoing into possible data theft; no group has claimed responsibility
  • Company remains operational but warns interim measures may cause delays for several weeks

American toy and entertainment giant Hasbro has confirmed suffering a cyberattack which forced it to temporarily shut down parts of its IT infrastructure.

In a data breach notification filed with the US Securities and Exchange Commission (SEC) on April 1, Hasbro said that it identified unauthorized access to its network a few days prior.

“The company’s investigation is ongoing, and it is working diligently to resolve the matter and determine the full scope of impact,” Hasbro said. “The company has implemented and continues to implement business continuity plans to enable it to continue to take orders, ship product and conduct other key operations while it resolves this situation.”

Article continues below

Looking into data theft

After spotting the intrusion, Hasbro did the usual - activated its security incident response protocols, implemented ‘containment measures’ which included shutting down some systems, and brought in third-party cybersecurity experts to analyze the attack and assess the damage.

In a statement given to the BBC, Hasbro said it will continue working throughout the attack: "While this is an unfortunate incident, Hasbro's business operations remain open," a Hasbro spokesperson told the publication. "We have taken swift action to protect our systems and data," they added.

While Hasbro will remain operational, it will not be business as usual for the owners of Peppa Pig, Transformers, and Dungeons & Dragons. The “interim measures”, as it calls the downtime, will likely be in effect for “several weeks”, the company stated, stressing that this “may result in some delays

The company is also looking into potential data theft, and “will take additional actions as appropriate”, if it finds any. Those actions could include notifying affected individuals about incoming phishing attacks, and offering free credit and identity theft monitoring services.

So far, no threat actors claimed responsibility for the attack, Cybernews confirmed, therefore we don’t know if anyone demanded a ransom payment.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.