HQ/EMEAFind out how we can help your business
A major data breach has been disclosed by Keytronic, a well-known PCBA (printed circuit board assembly) manufacturer, as a result of a ransomware attack carried out by the infamous Black Basta ransomware group. The event, which led to the disclosure of 530GB of stolen data, has sparked worries about security vulnerabilities in large-scale industrial operations.
Keytronic initially revealed the intrusion in an SEC filing, stating that the cyberattack took place on May 6. Keytronic’s commercial operations, including access to crucial business systems, were affected by this attack. In order to properly address the breach, the company was forced to cease operations in both Mexico and the United States for two weeks. Everything has since returned to normal.
Originally an Original Equipment Manufacturer (OEM) of keyboards and mice, the company has grown to become one of the biggest PCBA manufacturers in the US. Because of its expansion, it has become a prominent target for cybercriminals looking to take advantage of weaknesses in vital manufacturing infrastructure.
Keytronic worked with authorities in investigating the cyberattack.
Sensitive personal information was discovered in the stolen data, as confirmed by the SEC FORM 8-K/A filing. As required by law, Keytronic notified appropriate regulatory bodies and possibly impacted parties.
Significant financial implications are anticipated as a result of the hack. With further costs expected, Keytronic has already spent over $600,000 on hiring outside cybersecurity specialists. In addition, due to the attack and the ensuing operational difficulties, Keytronic’s financial situation is anticipated to be significantly impacted during the fourth quarter ending June 29, 2024.
Although the affected company did not name the group behind the attack directly in their public statements, the Black Basta ransomware gang has taken credit for it. They claim to have data that they exfiltrated, including information from engineering, finance, human resources, and other business departments. The group has posted screenshots of private information, such as client presentations, staff passports and social security cards, and various company records, to support its claims.
The Keytronic incident illustrates the increasing danger of ransomware gangs and the necessity for businesses to strengthen their cybersecurity defences to fend off such attacks.
