Cyber Incident Victim: Peikko Group

Peikko Group experienced a cyber attack during the final weekend of December 2024, first publicly disclosed on December 30. The company immediately reported the incident to Finnish police, the National Cyber Security Centre, and other relevant authorities while collaborating with internal and external cybersecurity experts to investigate the scope. Initial operational impacts included partial disruption of manufacturing and delivery systems across Peikko’s 12 factories, though core communication channels (websites, emails, phones) and the Peikko Designer® tool remained functional. By December 31, recovery efforts confirmed limited manufacturing resumption in non-holiday factories and restored access to Tekla 3D modelling software and its cloud-based Tekla Model Sharing collaboration tool. The company disclosed preliminary evidence suggesting potential unauthorized access to or theft of customer-related data, though the full extent remained under investigation.

Restoration efforts intensified through early January 2025, with Peikko’s Microsoft Dynamics 365 ERP system operational across 21 countries by January 2, albeit with limited features, enabling manufacturing and product dispatch. Subsidiaries using older ERP systems operated normally, while others temporarily relied on manual processes. Round-the-clock recovery actions continued until January 6, when all factories resumed near-normal operations with minor residual restoration activities. Service capabilities were minimally affected during this final phase, with customers directed to local sales representatives for delivery inquiries. Peikko declared operations normalized on January 9, ceasing incident updates after confirming only negligible ongoing restoration impacts. The company maintained its commitment to transparency regarding data breach implications but provided no further public findings beyond acknowledging the attack’s conclusion.