A spokesperson for the chemical company LANXESS has confirmed a hacker attack, which was discovered in the middle of last year. The extent of the damage is as yet unknown.

Hacker group WinNTI suspected to be behind the attack

According to research by Bayerischen Rundfunks and NDR, a hacker group called WinNTI was behind the attack. According to the company, it is currently not known whether any data has been stolen. The case has been handed over to the law enforcement authorities.

The company was probably spied on for several years before the attack was discovered. The exact damage or how much data has actually been exfiltrated is most likely impossible to determine.

LANXESS, with an annual turnover of €7.2 billion (2018), is one of the largest chemical companies in Germany and is listed on the MDAX (German Mid Cap stock index).

The hacker group is still active

Several attacks, including in Hong Kong and Taiwan, suggest that WinNTI is still active.

The Bundesamt für Verfassungsschutz (Federal Office for the Protection of the Constitution, BfV) suspects that there may have been further undiscovered attacks by hackers on German companies. The German economy is a very attractive target for attackers. We have recently reported on possible attack scenarios published by the BfV.

With this incident LANXESS joins the growing list of DAX and MDAX-listed companies that have fallen victim to cyberattacks. As early as last July, BR and NDR reported that WinNTI had hacked several DAX companies, including Siemens, BASF and Henkel.

Danger remains high

The potential for new hacker attacks on large German companies is still enormous.

Companies need to switch to new cyber security measures to protect their sensitive business and customer data.

Panda’s dynamic cybersecurity solution prevents attacks and proactively protects your sensitive data. Find out how to secure your IT infrastructure in our White paper Panda Adaptive Defense 360 Technologies