Hasbro has disclosed a cyber incident that disrupted portions of its operations and prompted an ongoing investigation into potential data exposure. The company said it is currently assessing the scope of the attack, including whether any files or sensitive information were accessed, while working to restore normal business functions.
Hasbro is a leading U.S. toy and entertainment company best known for iconic brands such as Transformers, My Little Pony, Monopoly, Nerf, and Play‑Doh. Founded in 1923, the company has evolved into a global entertainment powerhouse, expanding into films, television, and digital gaming based on its franchises. Hasbro operates in more than 100 countries and has continued to grow through strategic acquisitions.
On March 28, 2026, Hasbro detected unauthorized activity within its network. The company immediately initiated its incident response procedures, temporarily took certain systems offline, and began an investigation assisted by external cybersecurity specialists.
“On March 28, 2026, Hasbro, Inc. (the ‘Company’) identified unauthorized access to the Company’s network,” the company stated in a Form 8‑K filing with the U.S. Securities and Exchange Commission. “Upon discovery, the Company promptly activated its security incident response protocols, implemented containment measures, including proactively taking certain systems offline, and launched an investigation with the assistance of third‑party cybersecurity professionals.”
Hasbro reported that its investigation remains ongoing as it works to determine the full impact of the incident.
The company said business continuity plans are in place to support order fulfillment, shipments, and critical operations, though some disruptions or delays are possible. Hasbro is also reviewing files that may have been affected and stated it will take additional steps as necessary, including notifications required under applicable regulations.
“The Company is also working to identify and review the files potentially impacted and will take additional actions as appropriate based on its review and findings, including providing any notifications deemed necessary under applicable law,” the filing noted. “The Company will continue to implement measures to secure its business operations and take additional steps as appropriate.”
Based on the information disclosed regarding the nature of the disruption and the response measures taken, the incident may bear the hallmarks of a ransomware attack. However, no extortion group has publicly claimed responsibility as of this time.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
