Cyber Incident Victim: Unterwegs Outdoor Shop
Date:
May 2025
Location:
Germany
Summary
Unterwegs Outdoor Shop experienced a cyberattack that allowed unauthorized third parties to access its systems, prompting immediate security measures and notification of the relevant data protection authority and police. Investigation showed that customer data including names, addresses, email addresses, login credentials and telephone numbers were accessed, while bank details remained unaffected. User passwords were reset as a precaution. The company also informed affected customers via email and provided a dedicated support address for inquiries.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On 20 May 2025, Unterwegs Outdoor Shop suffered a cyberattack where unauthorized third parties gained access to systems. The attack was detected quickly, security mechanisms were activated immediately, and together with their IT service provider they implemented extensive protective measures following BSI guidelines. They notified the responsible data protection authority and filed a police report. Because customers are registered either in the online shop or in physical stores, they sent a notification informing them of the incident.
Based on their investigation, they could not exclude that customer data had been manipulated and/or copied. The potentially affected data include first and last name, billing address (or delivery address if different), email address, login credentials, and telephone number. Bank data were not accessed, and customers who placed orders as guests were not affected regarding login credentials. The company stated that there is a possibility that personal information could be used for fraudulent activities. As a precaution, the password for www.unterwegs.biz was reset preventively, requiring users to generate a new password via the "forgot password" function.
The notification provided contact details for customer service at [email protected] and the data protection officer Tim Spiekermann at [email protected]. It also listed the managing director Christoph Ganß and the company's address at Flutstr. 84a, 26286 Wilhelmshaven, plus telephone number. The notice referenced the BSI website for further information and noted that response times might be longer due to high volume. Golem.de subsequently reported on the incident, confirming the data leak and cyberattack.