Privacy Ninja

Steelcase Furniture Giant Hit By Ryuk Ransomware Attack

Steelcase Furniture Giant Hit By Ryuk Ransomware Attack

Office furniture giant Steelcase has suffered a ransomware attack that forced them to shut down their network to contain the attack’s spread.

Steelcase is the largest office furniture manufacturer globally, with 13,000 employees and $3.7 billion in 2020.

Steelcase suffers a Ryuk ransomware attack

In an 8-K form filed with the Securities and Exchange Commission (SEC), Steelcase has disclosed that they were the victim of a cyberattack on October 22nd, 2020.

On October 22, 2020, Steelcase Inc. (the “Company”) detected a cyberattack on its information technology systems. The Company promptly implemented a series of containment measures to address this situation including temporarily shutting down the affected systems and related operations.

The Company is actively engaged in restoring the affected systems and returning to normal levels of operations. At this time, the Company is not aware of any data loss from its systems or any other loss of assets as a result of this attack. Although cyberattacks can be unpredictable, the Company does not currently expect this incident will have a material impact on its business operations or its financial results.

Also Read: IT Governance Framework PDF Best Practices And Guidelines

BleepingComputer has been actively tracking this attack after a source in the cybersecurity industry told us last week that Steelcase suffered a Ryuk ransomware attack.

We were told that Steelcase’s devices were encrypted by Ryuk after first being targeted by the same group behind the recent attack on Sopra Steria and Universal Health Services.

Those attacks utilized either the BazarLoader or TrickBot infections, which ultimately provide remote access to the Ryuk Ransomware threat actors, who then compromise the rest of the network and deploy Ryuk.

BazarBackdoor attack flow
BazarBackdoor attack flow
Source: Advanced Intel

It is unknown how many devices were encrypted or if business operations were impacted other than the shutting down of the network.

BleepingComputer has contacted Steelcase with further questions but has not heard back.

Also Read: EU GDPR Articles: Key For Business Security And Success



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us