Printed circuit board assembly (PCBA) manufacturing firm Keytronic has disclosed a data breach after a ransomware gang published information allegedly stolen from its network.
The incident, the company said in a filing with the US Securities and Exchange Commission (SEC), occurred on May 6, and resulted in network disruptions.
“The cybersecurity incident caused disruptions, and limitation of access, to portions of the company’s business applications supporting aspects of the company’s operations and corporate functions, including financial and operating reporting systems,” Keytronic said.
As a precautionary measure, the company suspended operations in the US and Mexico for two weeks, with no disruption to other international operations. All affected corporate operations and functions have been fully restored.
The investigation into the attack, Keytronic said, has determined that limited data was accessed and exfiltrated from its environment, including personally identifiable information.
“The company is in the process of providing appropriate notifications to potentially affected parties and to regulatory agencies as required by applicable law,” the manufacturing giant said.
In its filing, the manufacturing company also noted that the cyberattack has incurred approximately $600,000 in expenses related to external cybersecurity experts, and that the disrupted production and expenses related to recovery and remediation efforts will likely have a material impact on its financial results for the fourth quarter ending June 29, 2024.
While Keytronic shared no further details on the scope of the data breach or on the responsible threat actor, its disclosure came shortly after the Black Basta ransomware group published on its Tor-based leak site over 500 gigabytes of data allegedly stolen from the company.
The cybergang claimed to have stolen financial documents, engineering data, human resources information, corporate data, and other types of data.
Keytronic specializes in precision plastic molding, precision metal finishing, and assembly services. It manufactures precision parts for the computer, telecoms, medical, industrial, automotive, aerospace and other sectors.
Related: Ascension Says Personal, Health Information Stolen in Ransomware Attack
Related: Ransomware Group Exploits PHP Vulnerability Days After Disclosure
Related: Ransomware Attack on Fencing Systems Maker Zaun Impacts UK Military Data
Related: Hosting Provider CloudNordic Loses All Customer Data in Ransomware Attack
