Trudi S.p.A.

Trudi S.p.A. is an Italian manufacturer specializing in plush toys, operating as a subsidiary of Giochi Preziosi. The company develops and produces a range of plush products, many of which are tied to licensing partnerships that leverage established brand recognition. These partnerships involve collaboration with other intellectual property holders, as indicated by the exposure of such details during a cyber incident. The company's operations encompass design, manufacturing, and distribution within the toy industry. The specific markets served are not detailed in the available information, though the use of licensing suggests a business model that may extend beyond domestic sales through partner brands. Trudi's product portfolio appears centered on licensed plush toys, with the incident overview confirming that licensing agreements and product lines are critical business information. The company's brand recognition is noted as a factor exploited by attackers to increase pressure during the ransomware incident, underscoring its market presence. No quantitative data regarding size, revenue, or employee count is provided.

As a subsidiary, Trudi is part of Giochi Preziosi's corporate structure, which likely influences its operational and strategic direction. On February 16, 2023, the company suffered a ransomware attack claimed by the LockBit cyber gang using the LockBit 3.0 variant. The attack involved data encryption and exfiltration, with attackers threatening to publish stolen data unless a ransom was paid within 15 days. Additional paid services were offered to extend deadlines, delete data, or allow exclusive downloads. This double extortion scheme disrupted operations and exposed sensitive business information, including licensing partnerships and product lines. LockBit operates a ransomware-as-a-service model, where affiliates execute attacks and share ransom proceeds. The incident highlights the cybersecurity risks faced by manufacturers in the consumer goods sector, particularly those handling valuable licensing data. The exposure of confidential business details may have implications for existing licensing relationships, though specific consequences are not detailed. This event represents a significant cybersecurity challenge in the company's recent history.