The German state of Hessen (Hesse) has been hit with a ransomware attack, causing the government to shut down IT systems and disrupting the availability of its consumer advice center.
Hessen is a state in central Germany with over six million people that encompasses Frankfurt, the country’s second-largest metropolitan area and a major financial center.
An announcement published yesterday on the state’s online portal says telephone and email communications have been impacted due to a cyberattack that occurred on Thursday, February 22.
“Early on Thursday morning, there was an attack on the IT infrastructure at the Hesse consumer advice center,” reads the announcement. (machine translated)
“As a result, the Hesse consumer advice center could not be reached by telephone for a short time on Friday.”
Although the communication disruptions have been mostly addressed, and the website is fully operational, people continue to have trouble reaching the consumer advice center and consumer advocates.
External IT security experts aid the state’s efforts to restore the availability of all communication channels in the impacted advice centers, but an estimate for a return to normal operations has not been given at this time.
The more worrying aspect of the cyberattack is the possibility of a data breach that could have impacted many Hessen citizens.
Ransomware actors often steal data from compromised networks before proceeding with the encryption step to use as leverage in the ensuing extortion phase.
Hessen authorities declared that they are in no position to determine whether any data had been stolen at this stage of the investigation but will inform affected individuals if and when a personal data compromise is confirmed.
“The data on the server and some backup systems is currently encrypted. It is not yet clear whether or which data has been leaked. As soon as it becomes clear, those affected will be informed.” – Hessen
Hessen’s consumer center clarified that it strives to store the minimum possible amount of data on its servers as part of its commitment to data protection. However, it did not mention what data types it holds.
The state’s data protection and IT security offices have been informed about the cybersecurity incident, and a criminal complaint has been filed with the Hessen police.
By the time of writing this, none of the major ransomware operations had taken responsibility for last week’s attack at Hessen.