Aachen, Germany -- On the night from 10 to 11 November 2021, the IT company KISTERS AG became a victim of a cyber attack. According to current knowledge, the attackers gained access to the computer network of the software provider for sustainable resource management systems via an orchestrated ransomware attack despite a strong security system.
Immediately after discovering the attack, KISTERS called in the criminal investigation department and the German Federal Office for Information Security (BSI) and informed the relevant supervisory authorities. In addition, a team consisting of IT specialists and forensic experts immediately started to analyse how the attackers were able to penetrate the network despite the company's extensive, multi-level and certified security precautions. The investigation is still ongoing.
Currently, the company has no access to its own IT system, as it has been completely shut down to prevent further damage. Accordingly, the company can temporarily neither be reached via e-mail nor via landline telephone, but only via the mobile numbers of colleagues / employees. As far as possible, KISTERS’ customers have already been informed personally about the attack and the possible consequences as well as the measures taken or will be informed as soon as access to the systems allows it again.
At the moment, KISTERS AG cannot make any statements about which data is affected by the attack. "Transparency is the most important thing for us in this situation. We will inform our customers clearly and openly when we know what data is affected and when we can return to normal business operations," says Managing Director, Klaus Kisters.
Currently, all experts are working on crisis mode. "For the time being, it is important for us to be quickly available again for our customers on all channels. We are working on this at full speed," Klaus Kisters continues.
"In the next step, we will do everything we can to be able to work again and to gain knowledge so that we, but also other companies, can protect themselves even better in the future."
In compliance with our corporate duty as a data processor, the following notification regarding a possible data protection incident in connection with the cyber attack on KISTERS AG can be downloaded here.