blackbasta attacks Plauen Stahl Technologie GmbH

Incident Date:

April 26, 2022

World map



blackbasta attacks Plauen Stahl Technologie GmbH


Plauen Stahl Technologie GmbH




hammerstrabe, Germany

plauen, Germany

First Reported

April 26, 2022

Plauen Stahl Technologie GmbH: A Target for Black Basta Ransomware

Company Overview

Plauen Stahl Technologie GmbH stands as a beacon of productivity and innovation within the steel construction industry in Germany and across Europe. The company boasts extensive facilities, including a hall area of approximately 32,000 m² and an assembly space of about 10,000 m², with an annual production capacity reaching 20,000 tons. With a workforce of around 200 employees, Plauen Stahl Technologie GmbH is equipped to manage heavy loads, offering lifting capacities for component weights up to 160 tons. This capability, combined with a steadfast commitment to delivering reliable, quality-tested products on schedule, underpins the company's esteemed reputation.

Vulnerabilities and Exposure

The recent ransomware attack on Plauen Stahl Technologie GmbH by the Black Basta group signals a critical vulnerability within the construction sector to cyber threats. Despite the company's significant presence and innovative edge, it fell prey to cybercriminals, highlighting the sector's susceptibility to such attacks. The construction industry's reliance on managing sensitive information and its potential for operational disruptions make it an attractive target for ransomware campaigns. This incident with Plauen Stahl Technologie GmbH accentuates the pressing need for the construction sector to adopt and reinforce comprehensive cybersecurity measures to fend off similar threats.

The attack on Plauen Stahl Technologie GmbH by Black Basta underscores the critical importance of cybersecurity within the construction industry. It serves as a stark reminder that no entity, regardless of its size or stature, is beyond the reach of cyber threats. This incident emphasizes the necessity for organizations to implement proactive cybersecurity strategies to safeguard against ransomware attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.