Transformers, Peppa Pig Toymaker Forecasts Delays, Says Product Shipping Continues
Toymaker Hasbro said its IT systems have been breached, leading to some operations being disrupted, and it warned that a full recovery may take weeks.
See Also: AI Impersonation Is the New Arms Race—Is Your Workforce Ready?
The Rhode Island-based company, which owns such brands as Transformers, Peppa Pig, Monopoly, Nerf, Dungeons & Dragons and Magic: The Gathering, said it detected the attack on Saturday.
The company didn’t say if the hack attack involved ransomware or if it had received a ransom demand, but did say data appears to have been stolen, and that its investigation into the security incident, with the aid of external cybersecurity experts, is continuing.
Hasbro in February reported 2025 annual revenue of $4.1 billion. The company is one of the world’s largest toymakers, competing with the likes of Lego, Bandai Namco and Mattel.
A Hasbro spokesperson told ISMG the company had “taken swift action to protect our systems and data.”
The company told investors in an 8-K filing to the U.S. Securities and Exchange Commission on Wednesday that when it discovered the breach, it “promptly activated its security incident response protocols, implemented containment measures, including proactively taking certain systems offline and launched an investigation with the assistance of third-party cybersecurity professionals.”
Hasbro said it’s “implemented and continues to implement business continuity plans to enable it to continue to take orders, ship product and conduct other key operations while it resolves this situation.”
The company forecast that “the need to run these interim measures may continue for several weeks before the situation is fully resolved and may result in some delays.”
Hasbro said it’s still reviewing which files may have been accessed and stolen by its attacker, after which it plans to notify any victims as necessary.
The boardgame and toy-making giant is the latest in a long line of brand-name companies to have suffered a data breach. Last year, that included the likes of carmaker Jaguar Land Rover, numerous retailers as well as financial services firms.
Many of these breaches trace to ShinyHunters or other spinoffs of the largely Western, adolescent cybercrime community known as The Com.
Despite the prevalence of data breaches, often followed by attackers attempting to shake down a victim for a ransom payment, in return for a promise to delete the stolen data, security experts said profits tied to this type of extortion have been plummeting. They said this is due in no small part to more victims understanding that whatever criminals might promise, they never delete stolen data (see: Victims Are Rebuffing Ransomware Mass Data Theft Campaigns).
Seeking to drive extortion revenues back up, many criminals are resorted to more extreme tactics, often featuring such harassment as “swatting, DDoS attacks, email flooding, SMS flooding” and attempting to poison a victim’s reputation through media manipulation, said Allison Nixon, сhіеf rеѕеаrсh оffісеr аt threat intelligence firm Unіt 221В, who has herself been targeted by multiple groups.
Post-breach, she recommends victims not only ignore such harassment but decline to engage at all with such attackers. “The focus should now be on mitigation and remediation of that breached data, notifying impacted customers and stakeholders, and coming up with a plan to lessen the impact of that breach going forward. The good news is that the harassment will end,” Nixon said.