Hardware company Keytronic has confirmed a significant data breach, weeks after the Black Basta ransomware group leaked more than 500 GB of stolen data from the company about two weeks ago.
The company, known for its printed circuit board assembly (PCBA), reported the cyber attack in a press release SEC filing more than a month ago, on May 6, the attack is said to have disrupted Keytronic’s operations, limiting access to corporate applications essential to business operations.
In its SEC filing, Keytronic detailed the impact of the breach, including a two-week shutdown of its domestic and Mexican operations to address the incident. Although normal operations have resumed, the investigation confirmed that personal data was stolen during the attack.
Keytronic confirms Black Basta attack
“Since the date of the original report, the company has determined that the threat actor has accessed and exfiltrated limited data from the company’s environment, including some personally identifiable information,” a statement from the filing said.
Keytronic is now notifying potentially affected parties and regulatory authorities.
In addition to the impact of the attack on personal data, Keytronic also announced that the resulting production loss could impact its financial situation for the fourth quarter ending June 29. The company incurred approximately $600,000 in expenses for outside cybersecurity experts, and more costs are expected.
Although Keytronic has not named the attackers, Black Basta has claimed responsibility, claiming that they stole personnel, financial, technical and company data, and shared screenshots of sensitive information such as employee passports and social security cards, customer presentations and company documents.
Ny Breaking has asked Keytronic to share further information and context, but we did not immediately receive a response.