Everything we know about the Hasbro hack so far

Hasbro has had to pull systems offline after a hacking incident hit the toy maker.

The corporate website for Hasbro continues to be offline, with the company saying it may take weeks to recover, though its wider operations remain open. The famous company's brands include Play-Doh, Monopoly, and Peppa Pig, among many others.

Hasbro has yet to respond to ITPro for comment, but told the BBC: "While this is an unfortunate incident, Hasbro's business operations remain open. We have taken swift action to protect our systems and data."

Further details about the nature of the incident, the criminals behind the attack, and whether customer data has been accessed have yet to be released, with Hasbro saying its investigation was ongoing and includes an external security company.

Hasbro hack: What happened?

In a filing yesterday with the US Securities and Exchange Commission, Hasbro said it spotted unauthorized access to its network on 28 March.

"Upon discovery, the Company promptly activated its security incident response protocols, implemented containment measures, including proactively taking certain systems offline, and launched an investigation with the assistance of third-party cybersecurity professionals," the company said in the filing.

Hasbro said its investigation was ongoing, and the full scope of the impact wasn't yet clear. As yet, Hasbro hasn't revealed whether customer data has been affected, but said it was working to "identify and review the files potentially impacted."

"The Hasbro incident is a clear reminder that global brands with expansive digital ecosystems are increasingly exposed, not just through customer platforms but across internal systems and supply chains," said Darren Williams, CEO of BlackFog.

Williams added that the biggest risk now is whether any data was stolen.

"For companies like Hasbro, the combination of customer data, licensing agreements, and intellectual property makes any stolen information highly valuable," he said.

Business continuity

Despite the corporate website remaining offline, the business continues to operate.

"The company has implemented and continues to implement business continuity plans to enable it to continue to take orders, ship product and conduct other key operations while it resolves this situation," Hasbro said in the filing.

"The need to run these interim measures may continue for several weeks before the situation is fully resolved and may result in some delays."

Trevor Dearing, director of critical infrastructure at Illumio, said it's clear that Hasbro had business continuity plans in place, letting operations stay up and running even when some systems are taken offline.

"Last year, we saw the significant impact on the retail industry when businesses have halted operations," Dearing added. "Unlike many organizations, Hasbro has shown that having the right protocols and preparations in place means that a cyber incident doesn’t have to be a disaster."

Dearing added: "Security today is about knowing that breaches are inevitable, but disasters are optional. We need to see more of this kind of resilience, where essential services remain operational while the root cause is investigated and resolved. This realization is key to maintaining trust and continuity during a cyber attack."

FOLLOW US ON SOCIAL MEDIA

Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.

You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.