Cyberattack cost more than $17 million, Key Tronic tells regulators

Avatar

A cyberattack discovered in May by the manufacturer Key Tronic has cost the company more than $17 million, according to a Friday regulatory filing. 

On May 6, the printed circuit board assembly fabricator first detected unusual activity on its servers, leading it to shut down operations in Mexico and the U.S. for two weeks “during remediation efforts.” 

The Black Basta ransomware group claimed the attack on its website and leaked what it claimed was sensitive Key Tronic data.  

On Friday, Key Tronic informed the Securities and Exchange Commission that it had incurred about $2.3 million of expenses connected to the cyberattack and “believes that it lost approximately $15 million of revenue during the fourth quarter.” The Spokane, Washington-based company says the orders are “recoverable” and can be fulfilled next year. 

Its fourth quarter revenue is expected to be $125 million, which is below previous estimates. Last year, it had revenues of more than $596 million. 

A recent report from IBM and the Ponemon Institute found the average cost of a data breach from March 2023 until February 2024 jumped to $4.88 million, up from $4.45 million the year before. 

The manufacturing sector is a frequent target of threat actors, with the forklift giant Crown Equipment reporting a ransomware attack in June and the U.K. manufacturing services company Volex reporting last October that hackers had gained access to its systems.

CybercrimeIndustryNewsNews BriefsTechnology
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

James Reddick

has worked as a journalist around the world, including in Lebanon and in Cambodia, where he was Deputy Managing Editor of The Phnom Penh Post. He is also a radio and podcast producer for outlets like Snap Judgment.

 

Total
0
Shares
Previous Post

Singapore police wrest back $41 million stolen from commodities firm in BEC scam

Next Post

Ukrainian police detain man who offered services to Russian intelligence on darknet

Related Posts

Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular backdoor referred to as CookiePlus, are
Avatar
Read More