Suder

Suder is a retail establishment headquartered in Poland, operating under the alias Suder and serving customers within the Polish market. The organisation functions as a shop, likely offering goods through physical or online channels, as indicated by references to a Polish shop in reporting about the cyber incident. Its core activities involve the sale of products to consumers, though specific product lines are not detailed in the available sources.

On March 6 2025, Suder disclosed that its systems were encrypted by ransomware deployed by the hacker group Qilin, leading to a potential breach of personal data. The company promptly notified law enforcement and engaged external specialists to investigate the scope of the incident, acknowledging that unauthorized access to customer information could not be ruled out. The exposed data reportedly included packing lists, medical certificates, employment contracts, and copies of Polish passports, suggesting that Suder maintains records related to logistics, employee administration, and health‑related documentation. The incident raised concerns about the possible misuse of this information for financial fraud, identity theft, and unauthorized access to services.

The categories of data compromised in the attack reveal that Suder handles a range of operational records, including those tied to shipping or inventory (packing lists), personnel management (employment contracts), and possibly occupational health or medical compliance (medical certificates). This mix of information indicates a diversified operational footprint beyond simple retail sales, encompassing logistics and human‑resources functions. No explicit details regarding the organisation’s size, ownership structure, or parent/subsidiary relationships are provided in the sources.