blackbasta attacks Bernd Hösele Group

Incident Date:

June 14, 2022

World map



blackbasta attacks Bernd Hösele Group


Bernd Hösele Group




Kammeringstraße, Austria

Guntramsdorf, Austria

First Reported

June 14, 2022

Bernd Hösele Group Targeted by Blackbasta Ransomware Group

The Bernd Hösele Group, a company specializing in international perfumery wholesale, has been targeted by the ransomware group Blackbasta. The attack was announced on the group's dark web leak site, and the victim's website is The company operates in the Business Services sector and has its headquarters and central warehouse located in Guntramsdorf, Austria.

Company Background

Bernd Hösele Group was founded in 1996 by Bernd Hösele, who had previously worked in the perfume and cosmetics import business and as an independent commercial agent since 1986. The company has developed into an international hub for perfume and cosmetics wholesale and has a long history of steady growth.

Vulnerabilities and Impact

The specific details of the attack and the vulnerabilities exploited by the Blackbasta ransomware group are not provided. However, it is mentioned that the group has been active in recent weeks, targeting various organizations, including a hotel chain and a hospitality giant.

Ransomware Threat Landscape

Ransomware attacks have been on the rise, with an average of one out of every 34 organizations worldwide experiencing an attempted attack in 2023, representing a 4% increase compared to the same period last year. The most dangerous ransomware groups, such as Lockbit3 and Clop, have been targeting large enterprises and government entities worldwide.

Mitigation Strategies

To mitigate the risk of ransomware attacks, organizations should implement sandboxed browsers, require accounts to comply with NIST password management and policy standards, and implement email filters. Additionally, organizations should focus on digital innovation and transformation initiatives to fortify their digital infrastructure and create the best ransomware prevention program possible.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.