Ransomware Attack on MathWorks Exposes Data of Over 10,000 Users
MathWorks, the developer of the widely used software MATLAB and SIMULINK, has disclosed a major ransomware attack that has impacted thousands of its users. The incident occurred in the spring of 2025, but its full scale has only now come to light through documents submitted to the Office of the Attorney General of Maine. According to the published data, the personal information of more than 10,000 individuals was compromised.
The company, which generates annual revenues of $1.5 billion and serves a global user base exceeding five million, detected the breach on May 18. The intrusion was so severe that some services remained offline for nearly a week, causing significant disruptions to customers. To date, no known ransomware group has claimed responsibility, further amplifying concerns surrounding the attack.
Investigators determined that the attackers had gained covert access to MathWorks’ internal systems a full month earlier—on April 17—granting them ample time to harvest a substantial trove of information. Following the discovery of the compromise, MathWorks engaged external digital forensics experts to contain the incident, eradicate malicious code, and restore its infrastructure.
The company confirmed that attackers may have obtained access to highly sensitive customer information. Stolen data included names, addresses, dates of birth, Social Security numbers for U.S. citizens, and national identification numbers for clients abroad. While the specific data varied by individual, those whose personal identifiers were exposed now face an elevated risk of identity theft.
Such data could enable criminals to open fraudulent accounts, secure loans, or even attempt to seize control of victims’ existing accounts. Despite these risks, MathWorks emphasized that, as of now, there have been no confirmed cases of misuse of the stolen data or direct financial harm to affected customers.
As a precaution, MathWorks is offering complimentary identity monitoring services to victims and strongly urges all clients to exercise heightened vigilance over their financial accounts and to act swiftly on any suspicious activity.
This incident underscores the reality that even large technology firms serving millions worldwide remain vulnerable to ransomware campaigns. For MathWorks, the consequences extended beyond the potential theft of sensitive data to the temporary unavailability of core services—an interruption that dealt a serious blow to research and engineering projects that rely heavily on MATLAB and SIMULINK.
