Dussmann Group's data has been stolen by a ransomware operation. Dussmann Group is a multi-service provider in Germany. The company has subsidiaries that focus mainly on facility management, corporate childcare, nursing and care for the elderly, and business systems solutions such as electrical work, elevators and HVAC.
The company has confirmed that one of its subsidiaries, Dresdner Kühlanlagenbau GmbH (DKA), was attacked by ransomware and that data was stolen.
Business Giant Dussmann Group Data Leaked
DKA's stolen data was published by Nefilim. At the time of the attack, the Nefilim operators said that unencrypted files were stolen before the ransomware was deployed. Stolen files of this kind are later used as leverage against victims: the victims were pressured to pay the ransom under the threat that the attackers would release the data publicly.
Recently, the Nefilim operators published a post on their data leak site. They released two archives containing 14GB of stolen files. According to the files, the leaked data contains many documents, such as Word documents, images, accounting documents and AutoCAD drawings.
After the data was leaked, BleepingComputer contacted Dussmann Group and later confirmed that DKA had been attacked by the ransomware.
Dresdner Kühlanlagenbau GmbH (DKA), which has 570 employees, was targeted in a cyber-attack during which data was encrypted and copied. As a safety measure, the servers were shut down. The data protection authorities and the State Office of Criminal Investigation in Saxony were informed about the attack, and charges have been filed.
Dussmann Group's Head of Corporate Communications told BleepingComputer:
“DKA is in close communication with the authorities and external cyber-security experts. Operational processes in the business unit for refrigeration air-conditioning plant engineering are secure. DKA has already informed clients and employees about the cyber-attack and the data outflow. Due to ongoing investigations, we cannot say more at present.”
The Nefilim ransomware operators told BleepingComputer that they had stolen four domains and that about 200GB of archives was stolen.
It is still not known how the Nefilim operators got access to DKA's network. The cyber intelligence firm Bad Packets didn't find any VPN gateways or devices on their network. Administrators need to take steps to secure their systems against attack.