Data I/O reports business disruptions in wake of ransomware attack
Data I/O, an electronics manufacturer and software vendor for major automotive suppliers and tech firms, said its operations were disrupted in the wake of a ransomware attack earlier this month. The attack occurred Aug. 16, the company said in a regulatory filing Thursday.
“The incident has temporarily impacted the company’s operations including internal and external communications, shipping, receiving, manufacturing production and other support functions,” the company said in a Form 8-K filed with the Securities and Exchange Commission.
The Redmond, Wash.-based company, which counts Amazon, Apple, Google and Microsoft among its customers, said it took measures to some operational functions, but noted a “timeline for a full restoration is not yet known.”
The attack accentuates how ransomware attacks can impact multiple business processes, leaving victim organizations scrambling to respond and recover to intrusions while details are still scant. “As the investigation of the incident is ongoing, the full scope, nature and impact are also not yet known,” the company said nearly a week after the attack.
Data I/O provides equipment and software to program data and provision security systems on flash memory, microcontrollers and logic devices. The company said it serves 18 of the top 20 automotive electronics suppliers in addition to industrial and IoT devices, wireless and consumer electronics and medical devices.
The company said it contained the intrusions and took certain platforms offline after it became aware of the attack. Data I/O did not say if it received an extortion demand or describe the systems that remain impacted by the attack and its response. The company did not immediately respond to a request for comment.
In the SEC filing, Charles DiBona, who was named the company’s vice president and chief financial officer on Aug. 11, said the incident does not currently appear to have a material impact on the company’s business operations.
Yet, DiBona added, costs related to the incident, which remain under investigation with the aid of outside cybersecurity experts, are “reasonably likely to have a material impact on the company’s results of operations and financial condition.”
The company reported a net loss of $742,000 on almost $6 million in revenue in its most recent quarter ending June 30.
