German power electronics manufacturer Semikron has disclosed that it was hit by a ransomware attack that partially encrypted the company’s network.
Semikron has over 3,000 employees in 24 offices and 8 production sites worldwide across Germany, Brazil, China, France, India, Italy, Slovakia, and the USA, with a turnover of around $461 million in 2020.
It also says it’s one of the world’s leading power engineering component manufacturers, with 35% of the wind turbines installed each year operating with its technologies.
LV ransomware attack
“The SEMIKRON Group has been the victim of a cyber attack by a professional hacker group. As part of this attack, the perpetrators have claimed to have stolen data from our system,” the company revealed in a statement published Monday.
“The attack has also led to partial encryption of our IT systems and files. The entire network is currently being studied and adjusted forensic.”
According to an alert issued by the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik) and seen by BleepingComputer, the ransomware operators are blackmailing the company and threatening to leak allegedly stolen data.
While the company didn’t share any information about the ransomware used in the incident, a ransom note deployed on one of the encrypted Semikron systems seen by BleepingComputer indicates it was an LV Ransomware attack and says the attackers stole 2TB worth of documents.
Claims of data theft under investigation
Semikron is investigating attackers’ claims that they stole data from the encrypted systems before encryption with the help of external cybersecurity and forensic experts.
The company added that it also informed and collaborates with relevant authorities throughout the investigation and would alert customers and partners if any evidence of data theft is found.
“At the same time, we are working on restoring the working ability to minimize disruptions for our employees, customers and contractual partners and to ensure the best possible security of our IT systems,” Semikron added.
“We are also supported by the competent authorities in the investigation and coordination of further measures.”
A Semikron spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.