Printed circuit board assembly (PCBA) manufacturer Keytronic reported that a recent ransomware attack led to expenses and lost revenue exceeding $17 million.
In June, Keytronic disclosed a data breach after a ransomware group leaked allegedly stolen personal information from its systems. The company did not provide any info on the ransomware operation that hit its network, however Black Basta ransomware group leaked over 500 gigabytes of data allegedly stolen from the company. Black Basta ransomware group claims to have stolen ≈530 GB of data, including HR, Finance, Engineering documents, Corporate data, and home users data.
On May 6, 2024, the company detected unauthorized access to portions of its information technology systems. Keytronic immediately launched an investigation into the incident with the help of external cybersecurity experts and notified law enforcement.
The company was forced to halt domestic and Mexico operations for approximately two weeks.
“The cybersecurity incident caused disruptions, and limitation of access, to portions of the Company’s business applications supporting aspects of the Company’s operations and corporate functions, including financial and operating reporting systems.” reads the FORM 8-K/A filed with SEC. “Since the date of the Original Report, the Company has determined that the threat actor accessed and exfiltrated limited data from the Company’s environment, which includes some personally identifiable information.”
As of the date of the FORM 8-K filing, the company restored its operations and corporate functions and locked out the unauthorized third party. Keytronic notified potentially affected parties and regulatory agencies. In June, the company said it had already incurred $600,000 in expenses related to the cybersecurity incident.
On Friday, the manufacturer published a preliminary financial report for Q4 2024 that revealed that the ransomware attack resulted in additional expenses and lost revenue of more than $17 million.
“As previously disclosed, Key Tronic detected a cybersecurity incident on May 6, 2024 that caused disruptions and limited access to portions of the Company’s business applications supporting operations and corporate functions, including financial and operating reporting systems, at its Mexico and U.S. sites during the fourth quarter of fiscal 2024.” states the report. “During the disruption of business, Key Tronic continued to pay wages in accordance with statutory requirements. The Company also deployed new IT-related infrastructure and engaged cyber security experts to remediate the incident. Due to this event, the Company incurred approximately $2.3 million of additional expenses and believes that it lost approximately $15 million of revenue during the fourth quarter. Most of these orders are recoverable and are expected to be fulfilled in fiscal year 2025. Partially offsetting these additional expenses was an insurance gain in the amount of $0.7 million that was also recorded during the quarter.”
The company pointed out that most orders could to be recovered and completed by fiscal year 2025.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)