Date: Jan 2021

Location: Germany

Summary

Netcom Kassel Gesellschaft für Telekommunikation mbH experienced a cyberattack targeting its general IT infrastructure, resulting in limited system availability. The compromise did not affect core network operations supporting telephone and internet services, allowing these critical functions to remain operational. The company confirmed the security incident through a regulatory disclosure aligned with telecommunications and data protection requirements, indicating potential unauthorized access to non-core systems. While operational continuity was maintained for essential services, the attack disrupted supporting IT infrastructure, necessitating recovery efforts to restore full functionality across affected platforms without compromising customer-facing telecommunications capabilities.

Description

On January 18, 2021, Netcom Kassel Gesellschaft für Telekommunikation mbH experienced a targeted hacker attack impacting portions of its general IT infrastructure. The company confirmed the incident in a public notice aligned with legal obligations under Paragraph 109a of Germany’s Telecommunications Act (TKG) and Article 34 of the General Data Protection Regulation (GDPR). The breach disrupted standard operations for certain administrative and support systems, though critical network infrastructure responsible for delivering telephone and internet services remained unaffected throughout the event. This separation prevented widespread service outages for customers relying on core telecommunications functions. Limited system availability persisted following the attack as recovery efforts progressed. Netcom Kassel did not disclose initial intrusion vectors, dwell time, or specific data accessed during the compromise in its February 5, 2021 status update.

The organization initiated incident response protocols to contain the breach and restore operational stability following the January intrusion. Technical teams isolated compromised systems to prevent lateral movement while maintaining continuity for network operations. Public disclosure emphasized compliance with regulatory notification frameworks without detailing forensic findings, remediation steps, or attacker attribution. No customer data exfiltration or encryption events were explicitly acknowledged in the available statement. The company directed stakeholders to its official channels for further updates, reflecting an ongoing response process nearly three weeks after initial detection. Operational impacts remained confined to non-core IT functions as recovery continued under restricted system availability conditions.
