Breach taxonomy
Summary
Logitech experienced a cybersecurity incident in which an unauthorized third party exploited a zero-day vulnerability in a third-party software platform to exfiltrate data from Logitech's internal IT system. The data involved limited employee and consumer information, as well as data relating to customers and suppliers; no sensitive personal information such as national ID numbers or credit card data was in the affected system. Logitech's products, business operations, and manufacturing were not impacted. The zero-day vulnerability was patched following disclosure by the software vendor. Filed under Item 7.01; company determined the incident is not material.
Tagging rationale
ThreatUnknown
Filing does not attribute the incident to a specific actor → UNKNOWN.