Bose Ransomware Attack Exposed Employees’ Data, Company Confirms

Bose disclosed that the US-based company has been subject to a data breach following a ransomware attack in early March. Some of the employees’ information was accessed by the attackers. The premium audio equipment maker filed a breach notification letter with New Hampshire’s Office of the Attorney General around mid-May. Upon discovering the breach, the company initiated incident response protocols to restore the impacted systems. Bose also took a series of measures to protect itself from future attacks. Another ransomware attack on Colonial Pipeline had recently forced the shutdown of the largest oil pipeline in the eastern US earlier this month.

According to a breach notification letter from the company, Bose first discovered the attack on March 7. The company’s data from internal administrative human resources files relating to six former New Hampshire employees were accessed and potentially exfiltrated. The accessed information included the employees’ name, Social Security Number, and compensation-related information.

Upon detecting the breach, Bose employed its technical team to contain the incident. The company also worked with external forensics providers to investigate the attack. Bose said in the letter that the threat actors interacted with a limited set of folders and the systems have been restored.

Bose offered 12 months of identity protection services to the affected employees.

To defend itself from future cyberattacks, Bose detailed the following measures in its letter:

  • Enhanced malware/ ransomware protection on endpoints and servers to further enhance our protection against future malware/ ransomware attacks.
  • Performed detailed forensics analysis on impacted server to analyse the impact of the malware/ ransomware.
  • Blocked the malicious files used during the attack on endpoints to prevent further spread of the malware or data exfiltration attempt.
  • Enhanced monitoring and logging to identify any future actions by the threat actor or similar types of attacks.
  • Blocked newly identified malicious sites and IPs linked to this threat actor on external firewalls to prevent potential exfiltration.
  • Changed passwords for all end-users and privileged users.
  • Changed access keys for all service accounts.

The largest fuel network in the eastern US, Colonial Pipeline, was also forced to halt its operation earlier this month following a ransomware attack. The company paid $4.4 million (roughly Rs. 32.19 crores) in ransom to hackers following the attack.


It’s Google I/O time this week on Orbital, the Gadgets 360 podcast, as we discuss Android 12, Wear OS, and more. Later (starting at 27:29), we jump over to Army of the Dead, Zack Snyder’s Netflix zombie heist movie. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Jasmin Jose is a sub-editor at Gadgets 360. She has directed investigative documentaries, PSAs, and video features covering arts, culture, science, and general news in the past.  She believes in the power of the Internet and is constantly looking out for the next new technology that is going to transform life on earth. When not doing things news, she can be found reading fiction, physics or philosophy, plucking berries, or talking cinema. Write to her at jasminj@ndtv.com or get in …More

TCS Sees Pandemic-Driven Boost in Europe as Clients Adopt New Technologies

Related Stories

Leave a Reply

Your email address will not be published. Required fields are marked *