MathWorks

MathWorks, the developer of MATLAB and Simulink, suffered a ransomware attack in April that resulted in the theft of personal data belonging to 10,476 individuals, including names, addresses, dates of birth, Social Security Numbers (SSNs), and non-U.S. national identification numbers. The breach disrupted critical internal systems and customer-facing services, such as multi-factor authentication (MFA), Single Sign-On (SSO), the MathWorks Cloud Center, file exchange, license center, and online store, causing prolonged outages. The company detected the intrusion on May 18, over a month after the initial breach, and publicly disclosed it on May 27. While MathWorks confirmed the ransomware attack, it has not disclosed the threat actor’s identity or whether a ransom was paid. The stolen data’s sensitivity—particularly SSNs and national IDs—poses severe risks of identity theft, financial fraud, and long-term reputational damage. The incident underscores the growing threat of ransomware gangs exfiltrating high-value personal data before encrypting systems, compounding operational and legal repercussions for affected organizations.

Source: https://www.bleepingcomputer.com/news/security/matlab-dev-says-ransomware-gang-stole-data-of-over-10-000-people/

TPRM report: https://www.rankiteo.com/company/the-mathworks_2

"id": "the708082825",
"linkid": "the-mathworks_2",
"type": "Ransomware",
"date": "4/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'customers_affected': '10,476 individuals',
                        'industry': 'Software Development (Mathematical '
                                    'Computing & Simulation)',
                        'location': 'Natick, Massachusetts, USA',
                        'name': 'MathWorks',
                        'size': '6,500+ employees',
                        'type': 'Private Company'}],
 'customer_advisories': ['Data breach notification letters sent to affected '
                         'individuals'],
 'data_breach': {'data_exfiltration': True,
                 'file_types_exposed': ['Documents'],
                 'number_of_records_exposed': '10,476',
                 'personally_identifiable_information': ['Names',
                                                         'Addresses',
                                                         'Dates of Birth',
                                                         'Social Security '
                                                         'Numbers (SSNs)',
                                                         'Non-U.S. National '
                                                         'Identification '
                                                         'Numbers'],
                 'sensitivity_of_data': 'High (includes SSNs, national '
                                        'identification numbers, dates of '
                                        'birth)',
                 'type_of_data_compromised': ['Personal Information',
                                              'Documents']},
 'date_detected': '2024-05-18',
 'date_publicly_disclosed': '2024-05-27',
 'description': 'MathWorks, a developer of mathematical simulation and '
                'computing software (MATLAB, Simulink), disclosed a ransomware '
                'attack in April 2024 that led to the theft of personal data '
                'of over 10,000 individuals. The breach disrupted internal '
                'systems and online services, including MFA, SSO, cloud '
                'center, file exchange, license center, and the online store. '
                'The company detected the incident on May 18, 2024, and '
                'publicly disclosed it on May 27, 2024. Stolen data includes '
                'names, addresses, dates of birth, Social Security Numbers, '
                'and non-U.S. national identification numbers. The ransomware '
                'gang responsible remains unnamed, and no group has claimed '
                'responsibility, suggesting possible ongoing negotiations or a '
                'ransom payment.',
 'impact': {'brand_reputation_impact': True,
            'data_compromised': True,
            'downtime': True,
            'identity_theft_risk': True,
            'operational_impact': True,
            'systems_affected': ['Multi-Factor Authentication (MFA)',
                                 'Account SSO',
                                 'MathWorks Cloud Center',
                                 'File Exchange',
                                 'License Center',
                                 'Online Store']},
 'investigation_status': 'Ongoing (no ransomware gang claimed responsibility; '
                         'possible negotiations or ransom payment)',
 'ransomware': {'data_exfiltration': True},
 'references': [{'source': 'BleepingComputer'},
                {'source': 'Maine Attorney General Filing'},
                {'source': 'Massachusetts Attorney General Data Breach '
                           'Notification Letters'}],
 'regulatory_compliance': {'regulatory_notifications': ['Maine Attorney '
                                                        'General',
                                                        'Massachusetts '
                                                        'Attorney General']},
 'response': {'communication_strategy': ['Public disclosure (May 27, 2024)',
                                         'Data breach notifications to '
                                         'affected individuals',
                                         'Filings with Maine and Massachusetts '
                                         'Attorneys General'],
              'incident_response_plan_activated': True},
 'title': 'MathWorks Ransomware Attack and Data Breach',
 'type': ['Ransomware Attack', 'Data Breach']}