Cyber Incident Victim: Brucha
Date: Mar 2025
Location: Austria
Summary
Brucha suffered a ransomware attack that encrypted nearly all its server data; the attackers demanded a six‑figure ransom via the darknet. The firm resumed production by relying on paper‑based records and an offline backup activated by its IT team, limiting data loss and restoring normal operations by midweek.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On the night of Monday, March 3, 2025, Brucha, a thermal insulation manufacturer located in the Tulln district, suffered a severe cyberattack. An international hacker collective deployed ransomware that compromised the company's firewall and encrypted or deleted nearly all server data. The attackers demanded a six‑figure ransom payment via the darknet. The incident was reported to the relevant authorities later that same day. The ransomware event occurred shortly after midnight, marking the start of the workweek. Prior to the attack, the company employed approximately 420 individuals. Without the efforts of the workforce, the attack threatened to halt production completely. The encryption affected the majority of the IT infrastructure, leaving only limited systems accessible. The ransom note was communicated via darknet channels as part of the extortion attempt. No specific decryption key was provided by the attackers in the initial communication.

In response, Brucha's IT department activated a pre‑configured auxiliary backup system designed for such scenarios. The backup was successfully engaged, allowing the restoration of critical data. By Wednesday, March 5, 2025, normal operations resumed, aside from a few minor data losses. Production, distribution, customer service, and payment processing remained fully operational throughout the incident. The company attributed the continuous 100 % uptime to the extraordinary effort of staff across all departments. A paper‑based workflow, referred to as “Papierwirtschaft,” enabled the production line to keep running despite the server outage. Particular recognition was given to the IT team for their persistent work in countering the attackers. Brucha filed an official report with law enforcement on the day of the attack. The company stated that it would use the event as an opportunity to update its processes and IT security infrastructure. No further details about the ransom payment or attacker identity were disclosed in the public statements.
