Cyber Incident Victim: Reutlinger General-Anzeiger
Date:
May 2025
Location:
Germany
Summary
The Reutlinger General-Anzeiger disclosed that an unidentified threat actor exploited a vulnerability on its website to view and possibly obtain user usernames and email addresses. After discovering the flaw, the organization promptly patched the issue and reported the incident to the relevant Baden‑Württemberg authorities. It advised recipients to remain vigilant for fraudulent messages and to verify any suspicious communication by contacting the outlet directly. The organization apologized for the inconvenience and stated it is investigating the cause and strengthening security.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 1, 2025, the Reutlinger General-Anzeiger published a notice on its website informing readers of a cyberattack on its online platform. The notice stated that an unidentified vulnerability on the website www.gea.de had been exploited. Through this vulnerability, unknown actors had accessed and possibly extracted users' usernames and email addresses. The organization emphasized that there was no legal obligation to disclose the incident, but it chose to communicate openly and proactively. The notice was addressed to readers, users, and the general public of the regional newspaper.
After discovering the vulnerability, the organization immediately closed the security gap. It also initiated and carried out the necessary steps in cooperation with the authorities responsible for cybersecurity in Baden-Württemberg. The notice advised users to be especially vigilant for possible fraudulent emails purporting to come from the newspaper. Users were told to contact the organization by telephone if they were uncertain about the authenticity of any message. The organization apologized for any inconvenience caused by the incident.
It stated that it was working intensively to clarify the background of the attack and to further increase security measures. The goal expressed was to maintain users' trust and ensure continued reliable service. For further questions, the notice provided the email address of the data protection officer: [email protected]. The notice concluded with a reaffirmation of the newspaper's commitment to security and transparency.