- Einhaus Group dwindled from 170 employees and €70 million in revenue to just eight workers
- The German phone company met its fate after months of battle
- The Bitcoin ransom was recovered but never returned
German mobile phone insurance, repair and logistics company Einhaus Group has revealed the financial extent of a 2023 ransomware attack on the company.
At its peak, Einhaus operated in over 5,000 German retail stores, partnering with major telecommunication companies like Deutsche Telekom and 1&1, generating units to €70 million in annual revenue.
Then, in 2023, a ransomware group by the name of ‘Royal’ infiltrated systems and encrypted critical data including contracts, billing, and communications, leaving the company battling to make up losses thereafter.
Germany’s Einhaus effectively taken down by one ransomware attack
The attackers left messages via office printers warning that the company had been hacked (via WA), bringing operations to a halt with systems locked. In the months that followed, the company lost millions in revenue and operational delays, bringing total damages into the mid-seven-figure range.
The company also reportedly paid a large €200,000 ransom in Bitcoin to regain access to critical data.
German cybercrime investigators have since identified three suspects, and while public prosecutors seized the ransom-paid crypto, it never got returned to the Einhaus, which blocked the company from making a fuller recovery.
Since the ransomware attack, Einhaus has been forced to cut headcount down from a peak of around 170 to just eight, selling off property and investments to make up some losses.
Three companies under Einhaus Group, including 24logistics, have now filed for insolvency, and mobile phone repair services have been discontinued.
With cyberattacks not only becoming more common, but often more costly, Einhaus Group forms part of a growing list of companies forced to shut down as a result of ransomware attacks, including the UK’s Knights of Old transport company, Stoli USA and Finland’s Vastaamo.
