Cyber Incident Victim: Boardriders
Date:
Oct 2019
Location:
United States of America
Summary
Boardriders, a global action sports company with subsidiaries including Quiksilver and Billabong, suffered a ransomware attack that disrupted operations worldwide. The incident forced widespread system shutdowns, preventing employees from using computers until systems were cleaned and causing significant shipping delays for retailers and online customers. E-commerce platforms offered promotions to mitigate disruption impacts while the company worked to restore services. Internal IT teams managed recovery efforts, eventually resuming normal transaction and shipping operations, with the organization expressing gratitude for staff resilience and customer patience during the outage.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Boardriders, a global action sports corporation overseeing brands including Quiksilver, Billabong, ROXY, RVCA, DC Shoes, and Element, experienced a disruptive ransomware attack during the last week of October 2019. The incident forced the company to shut down computing systems across its worldwide operations, impacting multiple regional systems and affecting approximately 10,000 employees. Staff were prohibited from using their computers until the IT infrastructure could be fully sanitized, causing significant operational paralysis. The attack severely disrupted e-commerce platforms, with customer-facing websites displaying notices about shipping delays and offering 20% discounts to mitigate inconvenience. Retail partners and online customers faced major delays in receiving stock due to system-wide interruptions. Industry sources described the organization as being in a "world of pain," emphasizing the severity of the logistical and technical challenges. While Boardriders did not publicly confirm the ransomware nature of the attack in its official statements, multiple sources familiar with the incident independently verified it as ransomware to media outlets. The global scale of the compromise necessitated coordinated recovery efforts across all affected regions.
The company's IT teams prioritized system restoration to resume normal business operations, with Boardriders later stating that transactions and shipping had largely returned to standard functionality following intensive recovery work. In communications to ShopEatSurf, the corporation acknowledged the multinational impact of the attack but did not disclose technical specifics regarding affected systems or data compromise. Leadership publicly commended employees for their response to the crisis and expressed gratitude to customers and vendors for their patience during the disruption. Despite restoration progress, residual effects included persistent shipping bottlenecks and operational inefficiencies during the recovery phase. Boardriders declined to provide additional details when contacted by BleepingComputer for further incident clarification. The attack underscored vulnerabilities in the retail sector's supply chain infrastructure, with prolonged IT restrictions hampering inventory distribution even after primary systems were restored. No threat actor group or ransom demands were publicly attributed to the incident in available reporting.