Cyber Incident Victim: Universität der Bundeswehr München

A cyberattack targeting the Universität der Bundeswehr München was detected on January 23, 2025, according to confirmation from the Bundeswehr's Cyber and Information Domain Command (Kommando Cyber- und Informationsraum, CIR). The attackers successfully breached a central IT service within the university's data center, with initial compromise occurring in mid-January. The CIR spokesperson stated the university's data center team immediately initiated high-priority analysis and mitigation efforts upon discovery, though the full scope of infrastructure compromise remained undetermined at the time of reporting. No operational disruptions, data deletion, or unauthorized encryption were confirmed by authorities. The attack exclusively affected systems operated by the university, which maintains separate infrastructure from core Bundeswehr networks despite its institutional affiliation.

The Universität der Bundeswehr München, one of two federal armed forces universities alongside Hamburg's Helmut-Schmidt-Universität, hosts specialized programs including cybersecurity master's degrees, intelligence studies, and computer science bachelor's programs. Its student body includes personnel designated for Bundesnachrichtendienst (BND) intelligence service roles, heightening potential sensitivity of compromised data. While the CIR confirmed thorough notification of potentially affected individuals, it declined to confirm whether internal data exfiltration occurred. Independent Handelsblatt reporting suggested potential exposure of personal student and faculty information, including bank account details and mobile phone numbers. The incident occurred amid newly announced academic collaboration between the university and the Bundeswehr's Cyber-Innovation-Hub (CIHbw), though no operational connection between this partnership and the attack was indicated. Mitigation efforts remained ongoing with no restoration timeline provided.