Cyber Incident Victim: mk Technology Group / Maschinenbau Kitz
Date: May 2023
Location: Germany
Summary
The mk Technology Group suffered a disruptive cyber attack that forced the company to shut down all its systems. The incident severely impacted operations, halting material movements and restricting communication. The company worked with external specialists to restore critical processes, eventually regaining delivery capability across most business areas. Additional security measures were implemented to strengthen the IT infrastructure against future threats, though some delays in order processing persisted during the recovery.
Description
A significant cyber attack targeted the mk Technology Group, specifically its parent company Maschinenbau Kitz GmbH in Troisdorf, during the period between May 15 and May 16, 2023. In immediate response to the security breach, the company took the precautionary measure of shutting down all its systems to contain the threat and prevent further damage. This action severely impacted core business operations, making all material movements impossible and significantly restricting all forms of communication. The company's internal IT department initiated the response effort but quickly engaged external cybersecurity specialists to assist in managing the incident and planning a controlled restoration of services.

By May 22, 2023, the company provided its first public update, acknowledging the attack and the widespread disruption it caused. The initial focus was on securing the environment and beginning the complex process of restoring systems safely. Progress was incremental; as of May 24, 2023, the company announced that personal contacts in its external sales force had been restored and were once again reachable, representing one of the first functions to come back online. The restoration work continued intensively throughout the end of May. By June 1, 2023, the company and its partners had undertaken extensive measures to contain the threat and prevent additional harm. They confirmed that initial operational capabilities had been restored in certain sub-areas of the business, though many systems and processes remained offline. Parallel to the recovery work, the implementation of additional security measures began to make the infrastructure more resilient against future potential threats.

Further progress was communicated on June 12, 2023, though the update did not list specific details of the "partial successes". A significant milestone was reached by the week of June 19, 2023, when the company's Profiltechnik product group, which includes profiles and components without design elements, regained its delivery capability. Shortly thereafter, on June 22, 2023, the Aluprofil online shop was fully restored to operation. The company assured customers that the shop and their personal data had been secure at all times, allowing them to use the platform with their existing login credentials without concern. However, the situation remained more complex in other business units. For Fördertechnik and Transfersysteme (conveyor technology and transfer systems), which involve custom engineering and design work, the company could not yet provide a precise delivery date for orders as of June 22. The team was working to review the backlog of orders and process them in the sequence they were received.

By July 13, 2023, the company provided a final comprehensive update, effectively concluding its incident reporting. At this stage, all critical processes and systems essential for order processing were confirmed to be re-established. The company declared itself delivery-capable across all business areas. Some remaining auxiliary processes and systems were slated for imminent restoration to allow customers to eventually access all customary services. The necessary steps to strengthen the IT infrastructure had been successfully completed, and additional security measures were implemented. The company resumed communicating delivery dates in its offers and order confirmations. Furthermore, all accumulated orders had been re-scheduled, and updated order confirmations were sent to customers. Because of a significant order backlog and a processing delay, these new delivery dates carried a certain inherent uncertainty, with the company acknowledging that shifts and delays could still occur as it continued to move step by step toward a normal state of operations. Despite some remaining issues, the company expressed confidence that these would be successfully addressed and concluded in the near future, allowing all processes to eventually function smoothly again.
