Mobile device accessory manufacturer Targus has disclosed a cyberattack targeting its internal systems earlier this month.
In a regulatory filing, the company revealed that threat actors had gained access to its network on April 5th.
According to the filing, Targus’ security teams first detected the unauthorized presence of hackers on the organization’s file servers during routine monitoring.
Incident Response Protocol Activated
In response, Targus swiftly activated its cyber incident response plan along with help from external cybersecurity experts. This included investigating the scope of the compromise, containing the intruders’ access, and embarking on system recovery efforts.
“Upon discovery and with assistance from external cybersecurity counsel and consultants, Targus immediately activated its incident response and business continuity protocols to investigate, contain and remediate the incident,”
Reads the 8-K filing.
“Through this process, proactive containment measures to disrupt unauthorized access resulted in a temporary interruption in the business operations of the Targus network.”
As part of the containment strategies, the company temporarily shut down portions of its internal IT infrastructure. This led to interruptions in regular business operations while digital forensic activities and cleanup was underway.
Targus Cyberattack Potential Data Theft Risks
While no confirmation of a data breach has been made so far, the fact that hackers infiltrated file servers indicates a risk of data exfiltration that may compromise customer orders, shipping addresses and payment details.
Law enforcement has been alerted about the unauthorized access but no criminal or state-sponsored group has taken responsibility. The true identity and goals of the cyber attackers involved remain unknown and under investigation.
The incident underscores the growing threat to product manufacturers from vulnerabilities in their own networks or links within the supply chain.