Exclusive: Child’s play – major US toy manufacturer allegedly hacked by Clop

A major US toy manufacturer has allegedly suffered a cyber attack after the infamous Clop ransomware gang listed it on its dark web leak site.

MGA Entertainment, the manufacturer of brands like Bratz, Baby Born, Little Tikes, Pixel Petz and more, was listed on the dark web leak site of the Clop ransomware gang overnight.

While the threat actor provided no information as to the size and nature of the alleged breach, it did comment on the company’s approach to securing customer data.

You’re out of free articles for this month

Username or Email

Password Forgot password?

Keep me signed in on this device.

First Name

Last Name

Mobile

Organisation Type

By becoming a member, I agree to receive information and promotional messages from Cyber Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

Need help signing up? Visit the Help Centre.

“The company doesn’t care about its customers, it ignored their security!!!” the listing said.

Unlike some ransomware operators, Clop has also not set a time for when the allegedly stolen data would be published.

It is also worth noting that the US toy manufacturer also has operations internationally, including in Brazil, Canada, Belgium, the Netherlands, Luxemburg, France, Germany, Austria, Italy, Mexico, Poland, Greece, Czech Republic, the UK, Spain, and Australia.

It is unclear whether or not the alleged incident has impacted any operations and, if so, whether international operations have also been affected.

VIEW ALL

Cyber Daily has reached out to both the US and Australian offices for MGA Entertainment.

Clop has developed a reputation as one of the most infamous ransomware operators.

In 2023, Progress Software’s MOVEit file transfer software was breached after threat actors took advantage of a vulnerability.

Clop was quickly pinned as the threat actor behind the breach, which compromised hundreds of organisations and government agencies.

The BBC, British Airways, PwC, Medibank, Shell, the University of Sydney, and many more organisations were affected.

Government agencies affected included the Department of Energy, the Department of Defence, and the Department of Justice, all of which saw millions of federal employees have their data exposed.

Clop also took out the top spot of most notorious threat actor of 2023 for its efforts, according to a report from Qualys.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

You need to be a member to post comments. Become a member for free today!

newsletter

Be the first to hear the latest developments in the cyber industry.

Exclusive: Child’s play – major US toy manufacturer allegedly hacked by Clop

Daniel Croft

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

STAY CONNECTED