BASSETT, Va. — On July, 10, Bassett Furniture Industries Inc. was hit by a substantial cybersecurity breach that led to a halt in manufacturing operations. The company's manufacturing operations were still down according to a July 15 supplemental filing with the Security and Exchange Commission.

Woodworking Network has reached out to Bassett for comment, but as yet not heard back from company officials.

The unauthorized activity was detected within the company's IT systems, prompting immediate containment and remediation efforts, including the shutdown of certain systems.

Upon detecting the unauthorized occurrences, the company immediately began taking steps to contain, assess and remediate the incident, including beginning an investigation, activating its incident response plan, and shutting down some systems. 

The threat actor disrupted the company’s business operations by encrypting some data files. As a result of the containment measures, which included shutting down some systems, the company’s retail stores and e-commerce platform are open, and customers can place orders and purchase available merchandise; however, the company’s ability to fulfill orders is currently impacted, the company said.

The company is working to bring the impacted portions of its IT systems back online and implement workarounds for certain offline operations to reduce disruption to its ability to serve its retail, e-commerce, and wholesale customers. At this time, the company does not believe personal information from consumers was compromised. The company continues to work diligently to respond to and mitigate the impact resulting from the incident.

As the investigation of the incident is ongoing, the full scope, nature, and impact of the incident are not yet known. As of the date of this filing, the incident has had and is reasonably likely to continue to have a material impact on the company’s business operations until recovery efforts are completed. The company has not yet determined whether the incident is reasonably likely to materially impact the company’s financial condition or results of operations.

The intrusion involved the encryption of some data files by a threat actor, disrupting business operations. While Bassett's retail stores, and e-commerce platform remain operational, with customers still able to place orders, the company's order fulfillment capabilities are currently affected. Efforts are underway to restore IT systems and establish temporary measures to minimize disruption to retail, e-commerce, and wholesale customer services.

As of the date of the report, there is no indication that consumer personal information has been compromised. Still, the full extent and impact of the cybersecurity incident are still under investigation.

The company acknowledges that the event has materially impacted business operations and may continue to do so until recovery is complete. The potential effects on Bassett's financial condition or results of operations have not yet been determined.