
Cyber Incident Victim: Semikron

Date: Aug 2022

Location: Germany

Summary

Semikron, a global semiconductor manufacturer, experienced a ransomware attack by the LV group, resulting in partial encryption of IT systems and claims of 2TB data exfiltration. The company engaged external cybersecurity and forensic experts to investigate the breach while collaborating with authorities; affected customers and partners would be notified if data theft was confirmed. Restoration efforts focused on minimizing operational disruptions and enhancing IT security measures across its international offices and production sites.


Description

On or around August 1, 2022, the Semikron Group, a German power electronics manufacturer with global operations across 24 offices and 8 production sites, experienced a ransomware attack attributed to a professional hacker group. The attackers deployed LV ransomware, partially encrypting the company's IT systems and files while claiming to have exfiltrated approximately 2TB of documents prior to encryption. Semikron disclosed the incident through an official statement on August 1, confirming network compromise and ongoing forensic analysis. The German Federal Office for Information Security (BSI) corroborated the attackers' blackmail attempts, including threats to leak stolen data unless ransom demands were met. With annual revenues exceeding $461 million and technology embedded in 35% of global wind turbine installations, the incident posed operational and reputational risks to critical infrastructure supply chains.


Semikron immediately engaged external cybersecurity and forensic experts to investigate the scope of encryption and validate data theft claims, while coordinating with relevant authorities. The company prioritized restoring operational capabilities to minimize disruptions for employees, customers, and partners, though specific affected systems were not detailed beyond references to partial network encryption. Management established a dedicated email channel ([email protected]) for incident-related inquiries and committed to notifying stakeholders if evidence of data compromise emerged. No ransomware payment status or data leak confirmation was disclosed during the initial response phase. Recovery efforts focused on system remediation and security hardening, with ongoing collaboration between internal teams, external experts, and law enforcement agencies to address forensic findings and operational impacts.
