Hasbro Confirms Cyberattack in SEC Filing, Hackers May Still Be Inside Its Systems

Hasbro has confirmed it was the victim of a cyberattack and disclosed in a Securities and Exchange Commission filing that full recovery could take several weeks, TechCrunch reported Wednesday, with the toy-making giant indicating the intruders may still be present in its systems. The company said it is continuing to implement measures to secure its business operations, language that security researchers interpret as a signal that the attack is ongoing and containment is not yet complete. Hasbro has not disclosed the nature of the attack, the identity of the attackers, or what data may have been accessed or exfiltrated. The breach appears to have begun dragging into a second week, with earlier reports from The Tech Buzz noting the hackers were lingering in Hasbro's environment. SEC rules adopted in 2023 require publicly traded companies to disclose material cybersecurity incidents within four business days of determining an incident is material, which Hasbro's filing suggests it has now done. Hasbro is one of the world's largest toy and game companies, with brands including Monopoly, Nerf, My Little Pony, Magic: The Gathering, and Dungeons & Dragons. Its systems contain sensitive information including employee data, customer records, and intellectual property related to its game and entertainment properties. The breach adds Hasbro to a growing list of consumer companies that have disclosed significant cyberattacks in early 2026, a period that has seen a notable uptick in ransomware and data extortion activity across industries. TechCrunch reported Hasbro's SEC filing and breach disclosure on April 1, 2026.