0001032975false00010329752025-11-142025-11-14

Date of Report: November 14, 2025

(Date of earliest event reported)

(Exact name of registrant as specified in its charter)

Commission File Number: 0-29174

 

 

Check the appropriate box below if the Form 8-K filing is intended to simultaneously satisfy the filing obligation of the registrant under any of the following provisions:

 

☐            Written communications pursuant to Rule 425 under the Securities Act (17 CFR 230.425) 

☐       Soliciting material pursuant to Rule 14a-12 under the Exchange Act (17 CFR 240.14a-12)

☐            Pre-commencement communications pursuant to Rule 14d-2(b) under the Exchange Act (17 CFR 240.14d-2(b))

☐           Pre-commencement communications pursuant to Rule 13e-4(c) under the Exchange Act (17 CFR 240.13e-4(c))

Securities registered pursuant to Section 12(b) of the Exchange Act:

Indicate by check mark whether the registrant is an emerging growth company as defined in Rule 405 of the Securities Act of 1933 (§230.405 of this chapter) or Rule 12b-2 of the Securities Exchange Act of 1934 (§240.12b-2 of this chapter).

Emerging growth company ☐  

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. o Logitech International S.A. (“Logitech”) recently experienced a cybersecurity incident relating to the exfiltration of data. The cybersecurity incident has not impacted Logitech’s products, business operations or manufacturing.

Upon detecting the incident, Logitech promptly took steps to investigate and respond to the incident with the assistance of leading external cybersecurity firms.

While the investigation is ongoing, at this time, Logitech believes that the unauthorized third party used a zero-day vulnerability in a third-party software platform and copied certain data from the internal IT system. The zero-day vulnerability was patched by Logitech following its release by the software platform vendor. The data likely included limited information about employees and consumers and data relating to customers and suppliers. Logitech does not believe any sensitive personal information, such as national ID numbers or credit card information, was housed in the impacted IT system.

As of the date of this filing, Logitech believes that the incident will not have a material adverse effect on its financial condition or results of operations. Logitech maintains a comprehensive cybersecurity insurance policy, which we expect will, subject to policy limits and deductibles, cover costs associated with incident response and forensic investigations, as well as business interruptions, legal actions and regulatory fines, if any.

The information included in Item 7.01 contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, including, without limitation, statements regarding the extent and potential impact of the cybersecurity incident, the means by which the unauthorized third-party accessed the internal IT system, the nature of data that may have been copied, the potential effect on our financial condition and results of operations, and the expected cybersecurity insurance policy coverage. The forward-looking statements in this Form 8-K are subject to risks and uncertainties that could cause actual results and events to differ materially from those anticipated in these forward-looking statements. Factors that might cause actual results to differ materially from those anticipated in forward-looking statements include, but are not limited to, our ongoing assessment of the impacts of the cybersecurity incident, including the potential discovery of additional information related to the incident in connection with our ongoing investigation or otherwise; our ability to remediate the cybersecurity incident; the impact of the cybersecurity incident on our relationships with consumers, employees, customers, suppliers and governmental regulators; the legal, reputational, and financial risks resulting from the cybersecurity incident, including as may arise from any potential regulatory inquiries and/or litigation to which we may become subject in connection with the incident; remediation and other additional costs that we may incur in connection with the investigation and remediation of the incident; and the risks and uncertainties discussed in our other periodic filings with the Securities and Exchange Commission (“SEC”), including our Annual Report on Form 10-K for the fiscal year ended March 31, 2025 and other reports filed with the SEC, available at www.sec.gov, under the caption Risk Factors and elsewhere. Logitech does not undertake any obligation to update any forward-looking statements to reflect new information or events or circumstances occurring after the date of this Form 8-K.

 

Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized.