Cyber Incident Victim: idea e.V. Evangelische Nachrichtenagentur
Date:
Oct 2024
Location:
Germany
Summary
The Evangelical news agency IDEA experienced a cyberattack by an Eastern European hacker group, resulting in partial server encryption and temporary loss of data access. The attackers aimed to disrupt operations and extort ransom, but the organization refused payment while maintaining editorial outputs despite technical disruptions. Immediate countermeasures were implemented with external expert support, and authorities were notified. While core services like the website and daily press releases continued, the weekly magazine faced delayed publication, and operational accessibility remained limited. A potential unauthorized data access remains under investigation, with affected parties directed to dedicated informational resources.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On the morning of October 21, 2024, the Evangelical News Agency IDEA experienced a cyberattack attributed to an Eastern European hacker group. The attackers infiltrated the media organization’s IT infrastructure, partially encrypting servers and temporarily blocking access to managed data. This intrusion aimed to paralyze operations and extort ransom payments in exchange for decryption keys. The immediate technical disruption forced IDEA into a limited operational state, though core editorial functions remained active. While the attack compromised server functionality, the company maintained its news output on idea.de and its daily press service throughout the incident.
IDEA’s IT department initiated rapid countermeasures by engaging external expert teams to contain the breach. The organization reported the incident to regulatory authorities and filed a criminal complaint with police investigators. No ransom payment was made to the attackers. Despite these containment efforts, technical disruptions delayed the weekly IDEA magazine’s publication by one day. The agency acknowledged potential unauthorized access to stored data during the breach and directed affected customers to a dedicated informational page. Service availability remained restricted but functional during recovery operations, with residual impacts on internal workflows and publication timelines.