Cyber Incident Victim: Griesser AG

On or around April 14, 2021, Griesser AG, a Swiss manufacturer of sun protection window treatments including blinds, shutters, and awnings, suffered a ransomware attack targeting its servers. Unknown perpetrators deployed ransomware, described as a "blackmail Trojan," affecting the company's primary operations in Aadorf, Switzerland, as well as production facilities in Austria and France. The attack disrupted normal business operations, forcing Griesser AG to limit communications to phone and email channels only. Upon detecting the incident, the company's IT task force immediately shut down multiple IT systems to contain the attack and prevent further propagation across the network. This containment measure was implemented as a precautionary step, though it likely contributed to operational disruptions.

Griesser AG publicly acknowledged the incident through a statement on its website, informing customers and partners about the situation and providing alternative contact methods. The company emphasized its preparedness for such scenarios, noting that a dedicated task force of internal and external experts had been mobilized to conduct a detailed investigation. Specialists worked under high pressure to resolve the IT incident, though the timeline for full restoration remained unspecified. At the time of reporting, Griesser AG had not confirmed whether customer, partner, or employee data was exfiltrated during the attack. Neither the company nor initial media disclosures identified the specific ransomware variant involved or indicated whether a ransom demand was issued. The investigation remained ongoing, with updates contingent on further findings by the task force.