Cyber Incident Victim: Landkreis Deggendorf

On the morning of September 13, 2023, authorities at a wood processing company in the Deggendorf district of Bavaria discovered a cyberattack targeting their servers and reported the incident to police at approximately 08:45 via the police operations center. Unknown attackers had successfully installed ransomware on multiple company servers, encrypting critical systems and forcing operations into emergency mode for a limited period. The encryption significantly disrupted normal business functions, though the company maintained partial operational capacity through contingency protocols. No communication occurred between the company and the perpetrators, and investigators found no evidence of ransom demands at the time of initial reporting. The Deggendorf Criminal Police Station assumed investigative jurisdiction, deploying their Quick-Reaction-Team to the affected premises to conduct forensic operations.

The Quick-Reaction-Team focused on securing digital evidence from compromised systems, documenting technical artifacts related to the ransomware installation, and collecting witness statements from company personnel. Investigators confirmed no data exfiltration occurred during the attack, limiting the incident's impact to system encryption and operational disruption. Company technicians restored operations by implementing existing backup systems, gradually reactivating services without paying ransom or negotiating with attackers. Police provided advisory support throughout the recovery process, emphasizing procedural compliance for evidence preservation. Normal business operations resumed following successful backup restoration, with no reported residual effects on data integrity or long-term functionality. The investigation remained ongoing with no suspects identified or additional demands reported as of the latest available information.