Cyber Incident Victim: Eu-Rec GmbH

On April 7, 2025, at 7:12 AM, Eu‑Rec GmbH became aware that it had fallen victim to a cyberattack despite its existing security measures. The company determined that unauthorized third parties had gained access to personal data belonging to approximately 200 private customers and business contacts. The compromised data included email addresses, telephone numbers, postal addresses, contact persons, and bank connection details. The breach was identified through internal monitoring that triggered the notification at the stated time. No further technical details about the attack vector or the systems involved were disclosed in the notice.

Because the data had been accessed without authorization, Eu‑Rec GmbH warned that there is a risk that the information could be further processed by an unspecified number of third parties, potentially leading to data misuse, data piracy, or unauthorized data trading. In response, the company stated that it had taken immediate action at 7:50 AM on the same day by resetting all passwords, re‑encrypting the affected data sets, and relocating those data sets to a storage location with sufficient access security. These measures were intended to stop the breach effective immediately and to prevent future unauthorized access. Eu‑Rec GmbH expressed regret for the incident and provided a temporary email address, [email protected], and its postal address for any questions or feedback. The company’s postal address is Eu – Rec GmbH, In der Rodung 2, 54411 Hermeskeil.