Cyber Incident Victim: Hamburger Friedhöfe AöR
Date:
Dec 2022
Location:
Germany
Summary
A cyberattack targeted a Hamburg-based organization operating multiple cemeteries and cremation facilities, disrupting IT systems through file encryption and paralyzing operations. Internal communications via email and telephone were severely limited, while electronic cemetery gate locks malfunctioned, requiring barriers to remain open. The attackers did not steal customer data, and funerals proceeded despite potential information delays. Recovery efforts involving external specialists were expected to take weeks, with law enforcement investigating the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 19, 2022, hackers launched a cyberattack targeting Hamburg's cemetery and cremation infrastructure, disrupting operations at four cemeteries (Ohlsdorf, Öjendorf, Volksdorf, and Wohldorf) and the municipal Hamburger Friedhöfe AöR organization. The attackers compromised IT systems belonging to Hamburger Krematorium GmbH, which operates cremation facilities in Ohlsdorf and Öjendorf. Attackers encrypted files and paralyzed critical IT infrastructure, causing immediate operational disruptions. Internal communications via email and telephone were severely impaired, hindering coordination between facilities. Electronic locking systems for cemetery gates malfunctioned, forcing the Ohlsdorf vehicle barrier to remain open indefinitely. The attack persisted for multiple days, with officials publicly confirming the incident on December 21.
Despite system failures, cemetery authorities maintained funeral services without cancellations, though telephone information requests experienced delays. Officials emphasized no evidence of data theft from customer or mourner records. Police initiated an investigation into the attack while external cybersecurity specialists worked to restore systems. Full recovery was projected to take weeks due to the scale of encryption and system damage. Operational workarounds were implemented for physical access control, prioritizing public access to burial sites. The incident exposed vulnerabilities in cemetery infrastructure management but did not compromise core mortuary services or sensitive personal data throughout its duration.