Cyber Incident Victim: Europäische Fachhochschule
Date:
Feb 2023
Location:
Germany
Summary
The Europäische Fachhochschule experienced an unsolicited cyberattack, prompting an investigation by internal specialists and external consultants to determine its scope and origins, though no specific details about compromised data or systems were initially identified. While most academic operations across multiple campuses continued with minimal disruption—including exams and some classes shifted online—significant portions of internal internet-based services were temporarily suspended as a precaution, causing communication delays; the institution maintained email and phone accessibility while prioritizing service restoration and cooperated with law enforcement and data protection authorities, explicitly stating it would not comply with any potential extortion demands.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The Europäische Fachhochschule Rhein/Erft (EU|FH) experienced a cybersecurity incident on or around February 2, 2023, when it became the target of an unsolicited hacker attack. The institution confirmed the attack was not attributable to any fault of its own. Internal specialists at EU|FH initiated an immediate investigation into the breach, supported by external cybersecurity consultants, to assess the scope and origins of the intrusion. At the time of the public statement released on February 2, the university had not yet determined the extent of compromised data or the specific methods employed by the attackers. EU|FH coordinated closely with law enforcement agencies and relevant data protection authorities throughout the response process. The university explicitly stated it would not comply with any potential extortion demands from the threat actors. As a precautionary measure, administrators disabled significant portions of the institution's internet-dependent internal services to contain potential threats, though email and telephone communications remained operational despite possible delays.
Academic operations across EU|FH's campuses in Brühl, Neuss, Aachen, Solingen, Rostock, Rheine, Köln, and Berlin experienced minimal disruption, with semester activities and scheduled examinations proceeding largely according to plan. Certain instructional activities transitioned to online delivery formats to maintain continuity during the service interruptions. The temporary suspension of web-based internal systems affected routine administrative and educational workflows, prompting the university to issue apologies for accessibility delays. Technical teams prioritized restoring full functionality to digital services for students and institutional partners. No evidence regarding data exfiltration or specific attacker motivations had been disclosed publicly at the time of the announcement. Restoration efforts proceeded under high-pressure conditions as the institution worked to resume normal operations while maintaining investigative and protective measures against further compromise.