Targus, the well-known laptop computer bag and case producer, has been hit by a cyber assault that has interrupted its regular enterprise operations.
In an SEC filing, Targus described discovering final Friday that hackers had gained unauthorised entry to its IT programs.
As a consequence, there was a “non permanent interruption” to the enterprise’s operations as a part of what Targus describes its “proactive containment measures” to stop the hackers from inflicting extra issues.
Briefly, so as to lock the dangerous guys out of its community, Targus has been pressured to disable massive components of its infrastructure.
The corporate says that it’s persevering with to analyze the incident and has sought help from exterior consultants. It additionally says that it doesn’t imagine that the incident will materially influence the corporate’s monetary outcomes.
Nonetheless, what Targus hasn’t advised us is something concerning the nature of the assault. The one query everybody in all probability has proper now could be – so, was this a ransomware assault?
Targus hasn’t confirmed in its SEC advisory whether or not malware was concerned within the assault, not to mention ransomware. We simply don’t know if it’s ransomware or not.
However whether it is ransomware, likelihood is that the attackers haven’t simply encrypted programs, however have additionally exfiltrated massive quantities of information from Targus’s community and are threatening to launch it to the broader world if the corporate would not give in to the extortionists’ calls for.
With out SEC rules that got here into impact late final yr, we’d not have identified so rapidly concerning the issues Targus was experiencing.
Since December 15, 2023, US corporations have been required to reveal potential materials cybersecurity incidents to the SEC within four business days, even when the complete extent of an assault’s influence stays unknown.
Little doubt we’ll see extra corporations following in Targus’s footsteps to adjust to SEC rules shortly after the invention of a cybersecurity incident. We can also see extra ransomware gangs truly threaten their victims with SEC disclosure, in the event that they imagine it can pace up ransomware negotiations.
On the time of writing, no hacking teams have publicly claimed accountability for the assault towards Targus.
