Cyber Incident Victim: D-Box Technologies

On July 12, 2021, after the close of business, D-Box Technologies experienced a ransomware attack targeting its information technology systems. The attack involved malware that encrypted electronic data stored on the corporation’s network, rendering it unreadable and unusable. D-Box detected the intrusion on the same day it occurred and immediately initiated containment measures to mitigate potential impacts on data and operations. The company began recovery processes but confirmed the attack affected most of its systems, anticipating business operations would be adversely disrupted for several days or longer depending on data restoration and system recovery timelines. An investigation into the full scope of the incident was ongoing at the time of the July 16, 2021, public disclosure, with no conclusive evidence yet found regarding data exfiltration or the specific ransomware variant used.

D-Box stated there was no indication that customer personal information was compromised, noting its client base primarily consists of businesses that generally do not provide personal data to the corporation. However, the company acknowledged some employee personal information might have been accessed or exposed during the attack and committed to implementing measures to minimize impacts on affected individuals if confirmed. Independent cybersecurity experts were engaged to assist with the response, following industry best practices for incident management. The corporation emphasized operational disruptions but did not specify which systems or departments were most severely affected beyond the broad impact on "most of its systems." Recovery efforts focused on restoring encrypted data and regaining full system functionality, though no definitive timeline for complete resolution was provided in the initial disclosure.