Cyber Incident Victim: guenstiger.de

Inthe night leading up to April 23 2025, the price‑comparison portal guenstiger.de experienced a ransomware incident at its Hamburg location, during which data on its systems were encrypted. Upon discovering the attack, the company’s IT team immediately disconnected all affected systems from the internet and shut down the data center in an effort to halt further propagation of the malware. The shutdown was carried out as a precautionary measure to contain the incident and prevent additional systems from being compromised. At that point, guenstiger.de had not yet been able to determine the full scope or scale of the encryption.

The ransomware encryption resulted in data losses that caused noticeable technical restrictions on the guenstiger.de website and in its communication channels. Visitors to the site observed missing data in the price tables that are embedded in heise online articles and on other partner sites, while product images loaded only with delay. These symptoms were described by the company as direct consequences of the attack, reflecting the impact of the encrypted data on the platform’s functionality. No further details about the specific types of data lost or the exact volume of affected records were provided in the source.

In response to the incident, guenstiger.de informed its business customers as comprehensively as possible, using direct communication and posts on LinkedIn to raise awareness. The Hamburg data protection officer, Thomas Fuchs, was also notified of the event. The company’s managing director, Harald Schiffauer, acknowledged that data losses had occurred and that the resulting technical limitations were affecting both the website and interactions with users. The article notes that the full extent and scope of the ransomware attack remained undetermined at the time of reporting.