Keytronic, an electronic manufacturing services supplier, has said that it lost more than $17 million as a result of a ransomware assault in May. The American technology firm established in 1969 as an Original Equipment Manufacturer (OEM) of keyboards and mice, but has since grown to become one of the leading global manufacturers of printed circuit board assembly (PCBA), with operations in the United States, Mexico, China, and Vietnam.
In a filing with the Securities and Exchange Commission (SEC) last Friday, Keytronic stated that it detected the incident on May 6 after outages at its Mexico and U.S. sites affected business systems allowing bot operations and corporate services.
"Due to this event, the Company incurred approximately $2.3 million of additional expenses and believes that it lost approximately $15 million of revenue during the fourth quarter," the company noted. "Most of these orders are recoverable and are expected to be fulfilled in fiscal year 2025. Partially offsetting these additional expenses was an insurance gain in the amount of $0.7 million that was also recorded during the quarter.”
Keytronic originally disclosed in a May filing that the hack required it to suspend domestic and Mexican operations for two weeks during the incident response. The corporation also stated that the hackers stole private data from its systems during the intrusion. While Keytronic has yet to identify the attack to a specific threat group, the Black Basta ransomware gang claimed responsibility in late May and published all of the data stolen from the company's systems.
The Black Basta ransomware gang claimed responsibility for the attack in late May and released what they claimed to be all of the data harvested from the company's systems, however Keytronic has not yet linked the attack to a specific threat group.
During the hack, the ransomware gang claimed to have access to several types of data such as HR, finance, engineering, and corporate files. Black Basta's dark web leak website published screenshots of employees' passports and social security cards, customer presentations, and company records. Black Basta is a Ransomware-as-a-Service (RaaS) operation that first appeared in April 2022 and has since claimed numerous high-profile victims, including government contractors and healthcare organisations.