You have 0 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Breaking news and updates daily. Subscribe to our Newsletter
Advertisement

Oettinger confirms cyber incident, begins investigating

German beer and drinks giant Oettinger Getränke (Oettinger Brauerei or Oettinger) has confirmed that it suffered a cyber attack following claims made by threat actors.

Oettinger confirms cyber incident, begins investigating
expand image

On 5 May, the RansomHouse ransomware gang listed the drinks manufacturer on its dark web leak site, claiming to have exfiltrated and encrypted business data.

“Dear management of OeTTINGER Brauerei and Pia Kollmar. We are sure that you are not interested in your confidential data to be leaked or sold to a third party. We highly advise you to contact us,” the listing said.

Pia Kollmar is the company’s majority shareholder and managing director and is ranked among the top 100 most influential businesswomen in Germany.

Now, in a statement shared with Cyber Daily, Oettinger has confirmed that it suffered a cyber attack.

“We are currently investigating the cyber attack on OeTTINGER GETRÄNKE in conjunction with IT forensic experts, the data protection authority and cyber crime specialists,” said Oettinger.

“We are also conducting an investigation into the potential for data leaks. For forensic reasons, we are unable to provide any further details at this moment.

“Production and logistics have not been affected by the cyber attack.“

While Oettinger has not shared the nature of the incident or named the threat actor, a sample within RansomHouse’s listing appears to contain data relating to logistics, fleet and fleet management, maintenance, warehouse management, exchange, shipping, quality assurance, project technology, production and more.

RansomHouse is a ransomware-as-a-service (RaaS) operation that first appeared in 2021. The group claims to differentiate itself from other RaaS operations by not performing double extortion by only exfiltrating data, not encrypting it. However, as previously stated, this was not the case with Oettinger.

The group typically operates by targeting victims using phishing and spear phishing emails, but it has also been observed using other third-party software to gain access to victim networks, according to SentinelOne.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
You need to be a member to post comments. Become a member for free today!

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.