lockbit2 attacks ekz

Incident Date:

April 22, 2022

World map



lockbit2 attacks ekz






Bismarckstraye, Germany

Reutlingen, Germany

First Reported

April 22, 2022

EKZ Bibliotheksservice Hit by Lockbit Ransomware Attack

Victim Profile

EKZ Bibliotheksservice, a prominent library service in Germany, facilitates access to a wide range of digital media, including e-books, electronic newspapers, magazines, audio books, and music. This service extends to over 200 libraries across several European countries. The company's digital presence is anchored at http://ekz.de, positioning it within the Education sector.

Impact and Vulnerabilities

The Lockbit ransomware attack has significantly disrupted the library service's operations, particularly affecting the Onleihe app, a crucial platform for renting and borrowing digital media. The attack led to the deletion of copy-protected eBooks, necessitating a painstaking process of re-encryption and re-uploading. Additionally, the attack has rendered many associated websites and the user forum inaccessible, with Lockbit claiming to have leaked all stolen files, suggesting a refusal from EKZ to meet their ransom demands.

Response and Recovery

In response to the attack, EKZ has been diligently working to restore its systems since April 18, with some services in Germany and Austria resuming recently. Despite these efforts, the company has yet to confirm the extent to which personal data may have been compromised.

The Lockbit ransomware attack on EKZ Bibliotheksservice underscores the vulnerability of digital library services to cyber threats, highlighting the need for robust cybersecurity measures in the education sector. The incident not only disrupts access to valuable digital resources but also poses potential risks to user privacy and data security.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.