Cyber Incident Victim: Bauhaus
Date:
Jun 2021
Location:
Denmark
Summary
A home construction goods retailer experienced a serious cyberattack over a weekend, disrupting IT systems while stores remained operational. The incident caused extended webshop delivery times, inaccurate inventory displays across physical and online warehouses, and a suspension of Click & Collect services. Customer support faced high call volumes with limited system access and non-functional email systems, though phone support remained available. Employees maintained in-store operations despite technical challenges, with ongoing recovery efforts focused on restoring normal service levels. The retailer advised customers to monitor its website for updates regarding system availability.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 5 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
Bauhaus, a home construction goods retail chain, experienced a significant cyber incident during the weekend preceding June 22, 2021. The company publicly confirmed the attack on June 22, characterizing it as a serious hacker intrusion that disrupted critical IT systems. Despite the operational challenges, all physical department stores remained open throughout the incident, with staff manually maintaining customer service operations. The attack compromised multiple digital services, forcing Bauhaus to suspend its Click & Collect service entirely due to system unavailability. Technical disruptions created inventory discrepancies between the bauhaus.dk website's stock listings and actual warehouse quantities, affecting both online and in-store product availability.
The company's Danish webshop remained accessible but experienced extended delivery timelines due to system impairments, with payment processing adjusted to occur only upon shipment confirmation. Customer support operations were severely constrained, as email systems became inoperable while phone lines remained active but faced high call volumes and prolonged wait times. Bauhaus implemented continuous incident updates through its website, directing customers to monitor this channel for service restoration progress. No data theft or ransomware demands were disclosed in the available statement. The organization emphasized employee efforts to sustain operations through manual workarounds while technical teams worked to restore affected systems, though no specific recovery timeline or forensic findings were provided. Service disruptions persisted as of the last update on June 22 at 11:27 local time.