Hasbro disclosed a cyberattack this morning in a filing with the Securities and Exchange Commission, confirming that an unauthorized party accessed its network on March 28, 2026. The Rhode Island-based toymaker, whose portfolio spans Monopoly, Transformers, and My Little Pony, activated incident response protocols immediately upon discovery and brought in third-party cybersecurity professionals to lead the investigation.
Systems Taken Offline, Orders Still Processing
As a containment measure, Hasbro proactively took certain systems offline while the investigation continues. The company says it has deployed business continuity plans to keep order processing and product shipments running in the interim, though those measures may need to remain in place for several weeks before the situation is fully resolved, and some delays are expected.
Hasbro’s SEC filing also noted that the company is actively reviewing files that may have been accessed during the intrusion and will issue any legally required notifications based on its findings.
Scope and Threat Actor Unknown
No threat actor has claimed responsibility for the attack. A Hasbro spokesperson declined to comment on the nature of the attack or whether the company has received any communication from the attackers, such as a ransom demand.
Hasbro reported $4.7 billion in revenue for 2025 and is one of the largest toy and entertainment IP companies in the world. The gaming and toy sector has faced repeated targeting from ransomware groups in recent years, with Jakks Pacific and Bandai Namco both falling victim to such attacks previously.
Hasbro’s filing states the company is reviewing files that may have been accessed and will issue notifications as required under applicable law, a standard indicator that customer, employee, or partner data could be involved. The full scope of the incident remains under investigation.
