BlackBasta group published Keytronic data after ransom payment deadline expired

Printed circuit board assembly manufacturer Keytronic said it experienced a data security incident after a ransomware group published a database allegedly stolen from the company.

 

In May, in a filing with the US Securities and Exchange Commission (SEC), Keytronic said that on May 6, it identified unauthorised third-party access to portions of its internal network. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

Keytronic added that it took steps to contain and remediate the incident and notified relevant law enforcement authorities about the same.

 

“The incident has caused disruptions, and limitation of access, to portions of the Company’s business applications supporting aspects of the Company’s operations and corporate functions, including financial and operating reporting systems.

 

“As the investigation of the incident is ongoing, the full scope, nature and impact of the incident are not yet known, but based on the information reviewed to date, the Company believes the unauthorised activity has been contained and is working diligently to bring the impacted portions of its IT system back online,” reads the SEC filing.

 

“The Company does not believe the incident is reasonably likely to have a material impact on the Company, including its financial condition or results of operations,” Keytronic added.

 

On May 31, the Black Basta ransomware group claimed responsibility for the cyber attack on Keytronic and listed the company as a victim on its data leak site. The group claimed to be in possession of 530 GB of data containing HR, financial data, corporate data, users’ data, PII, technical designs information and more.

 

After the ransom payment deadline expired on June 8, the group published the entire stolen database. Keytronic has yet to comment on how many individuals were affected by the ransomware attack or the financial impact of the attack on its operations.