hiveleak attacks Wibag Bau Ag

Incident Date:

March 23, 2022

World map



hiveleak attacks Wibag Bau Ag


Wibag Bau Ag




Locarno, Switzerland

Locarno, Switzerland

First Reported

March 23, 2022

Wibag Bau AG Suffers Ransomware Attack by Hiveleak Group

Company Overview

Wibag Bau AG, a construction company based in Switzerland, operates within the architecture and general contracting sector. The company boasts a diverse portfolio, with projects spanning various locations such as Muralto TI, Piazzogna TI, Parco Ambiente II, Locarno TI, Blockhaus, Fischenthal ZH, Parco Ambiente I, and Locarno TI.

Company Size and Industry Standing

As a notable entity in the Swiss construction industry, Wibag Bau AG has established a reputation for its architectural and general contracting expertise. While the company's exact size remains undisclosed, its significant industry presence is undisputed.

Vulnerabilities and Targeting

The recent ransomware attack on Wibag Bau AG underscores the critical need for enhanced cybersecurity measures within the construction sector. Given the industry's increasing dependency on digital systems and the sensitive nature of its data, construction companies are becoming prime targets for cybercriminals. This incident highlights the imperative of adopting stringent security protocols to safeguard against such threats.

Hiveleak Group

Hiveleak, a notorious ransomware group, has gained infamy for its activities on the dark web. The group's portfolio of cyberattacks spans across various organizations globally, marking it as a significant threat in the cyber landscape.

The ransomware attack on Wibag Bau AG is a stark reminder of the persistent and evolving cybersecurity threats facing the construction sector. It is imperative for companies within this industry to prioritize and strengthen their cybersecurity frameworks to protect their digital assets and uphold their reputations.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.