If you purchase via links on our site, we may receive affiliate commissions.

Toy maker Jakks Pacific victimized by a second cybergang

Senior Journalist

Updated on: 28 December 2022

Jakks Pacific hack — Image by Shutterstock.

BlackCat ransomware cartel claims to have obtained Jakks Pacific data. Two weeks ago, Hive ransomware posted Jakks Pacific on their leak site.

US-based toy maker Jakks Pacific joined a growing list of companies forced to deal with a ransomware attack. Threat actors first hacked the maker of Super Mario, Sonic, Disney Princess, and other toys in early December.

“On December 8, 2022, JAKKS experienced what many other companies have been and are experiencing: a ransomware attack by bad actors who inserted malware into JAKKS’ computer network and locked up our servers,” the company said in a statement.

At the time, Jakks Pacific believed that threat actors accessed personal information such as names, emails, home addresses, taxpayer ID numbers, and ‘banking information.’ The company said individuals and businesses were affected by the leak pointing to the attack impacting many customers.

Russia-linked Hive ransomware gang was first to post Jakks Pacific on their leak site, a darknet website where cybercriminals share the list of their latest victims.

Hive claims they encrypted the company’s data on 8 December, which corresponds with the cyberattack data Jakks Pacific gave in the company’s statement. Hive made the attack public on 20 December.

Eight days later, another ransomware cartel, BlackCat (ALPHV), also posted Jakks Pacific on their leak site. Crooks supposedly included a screenshot of the stolen data, focusing on documents marked ‘confidential’ and non-disclosure agreements (NDAs).

Threat actors may be sharing or selling the data among themselves to pressure the company into paying the ransom. Reposting the data may also signal that people behind the attack work with several ransomware cartels. This is a common practice, as the latest research show.

CISA, the US cybersecurity watchdog, issued a notice last month, saying that Hive ransomware is among the top threats to US organizations, having extorted some $100 million from more than 1,300 companies worldwide.

Meanwhile, BlackCat has been among the most active ransomware gangs. According to the cybersecurity analyst ANOZR WAY, the group was responsible for approximately 12% of all attacks in 2022. The group’s activity increased by 117% last quarter.