Wilken Software Group

Wilken Software Group, also known simply as Wilken, is a software development company headquartered in Germany. The organisation creates software solutions for its clients and provides a customer portal through which those solutions are accessed and managed. In addition to application development, Wilken hosts customer environments within its own TÜV‑certified data centre, ensuring a regulated and secure hosting platform for client workloads. The company also maintains internal IT systems that support its day‑to‑day operations and service delivery.

A distinguishing attribute of Wilken is the operation of a TÜV‑certified data centre, which underpins its ability to host customer environments while adhering to recognised security and quality standards. This certification signals a commitment to rigorous infrastructure management and positions the firm within a specialised segment of the software services market that emphasises trusted hosting capabilities. The presence of multiple company locations is indicated by the fact that precautionary measures during a security event were extended to other sites beyond the primary headquarters. Wilken maintains a corporate website at wilken.de, which serves as a channel for communicating status updates to stakeholders when normal communication pathways are disrupted.

On 12 October 2022, Wilken Software Group was targeted by a ransomware attack that prompted the organisation to proactively shut down its internal systems. As part of the response, the customer portal was disabled to prevent further propagation, and all internet‑based communication channels, including email, were severed. Initial assessments indicated that the compromise was limited to internal infrastructure, with no anomalies detected in the customer environments hosted within the TÜV‑certified data centre. Consequently, the data centre activated its emergency protocols to safeguard the hosted workloads during the incident.

The incident response involved collaboration with external cybersecurity specialists who assisted in analysing the attack and remediating affected systems. Wilken also coordinated with national law enforcement and federal IT security agencies to ensure a comprehensive investigative approach. While analysis continued, precautionary shutdowns were extended to other company locations to contain any potential spread. Ongoing monitoring and forensic work proceeded throughout the period, and status updates were regularly posted on the corporate website to keep clients and partners informed despite the disruption of standard communication channels.