Keytronic, a well-known hardware manufacturer, has disclosed a large data breach following the Black Basta ransomware group’s release of more than 520GB of stolen company data around two weeks ago.
The American technology startup Keytronic started out as an Original Equipment Manufacturer (OEM) of mice and keyboards. It is currently one of the largest manufacturers of printed circuit board assemblies (PCBA).
In an SEC report last month, Keytronic said that a cyberattack on May 6 had interrupted company operations and limited access to critical business systems. The attack disrupted company operations and restricted access to critical IT systems at Keytronic.
Keytronic disclosed the impacts of a severe attack in its SEC report. The incident resulted in a two-week closure of US and Mexican operations. The investigation verified the theft of personal data during the attack, even though activities are again back to normal.
The investigation confirmed that during the incident, attackers got sensitive information. According to FORM 8-K/A SEC report:
The Company has determined that the attackers accessed and exfiltrated limited data, including some personally identifiable information. The Company is currently notifying potentially affected parties and regulatory agencies as required by law.
Keytronic disclosed that the cyberattack caused industrial disruptions in addition to compromising sensitive information. This disruption might have an impact on the company’s financial results in the fourth quarter, which ends on June 29. Keytronic has already spent around £450,000 on external cybersecurity specialists, with further costs predicted.
Black Basta Ransomware Group claims responsibility for the keytronic data breach
Keytronic has not identified the attackers, but Black Basta has taken credit. They claim they took data from the human resources, finance, engineering, and business sectors. Employee passports, social security cards, client presentations, and company documentation are among the screenshots shared.
Black Basta ransomware launched in April 2022, most likely by former members of the Conti ransomware gang who broke out. Since then, Black Basta has emerged as a serious threat, responsible for several high-profile attacks.
The group has attacked major businesses such as Capita, Hyundai’s European company, the Toronto Public Library, the American Dental Association, and Ascension, a US healthcare company.
According to CISA and the FBI, Black Basta compromised 500 organisations between April 2022 and May 2024, impacting 12 of the 16 vital infrastructure sectors.
At Phishing Tackle, we know all too well that security technology is often left incorrectly configured, demonstrated by our free Domain Spoofing Test which currently gets past around 50% of users security systems.
Security Awareness Training remains one of the most cost-effective methods of boosting cyber-security within your business. Have a look at our free Click-Prone® Test to find out how many of your staff are susceptible to a phishing attack and learn how you can reduce this number today.
