Ransomware Attack on Hymer-Leichtmetallbau: A Threat to Manufacturing Security

Incident Date:

April 19, 2024

World map



Ransomware Attack on Hymer-Leichtmetallbau: A Threat to Manufacturing Security






Offenburg, Germany

, Germany

First Reported

April 19, 2024

Ransomware Attack on Hymer-Leichtmetallbau by Black Basta

Company Profile

Hymer-Leichtmetallbau GmbH & Co. KG, a prominent player in the manufacturing sector, has been operational for approximately 60 years. With a focus on high-quality aluminum access solutions and vehicle technology, the company has carved out a significant presence in Europe. It employs around 1,431 individuals and reports annual revenues of $119.5 million. Hymer-Leichtmetallbau stands out in its industry due to its dedication to innovation and quality in aluminum manufacturing, catering to diverse sectors such as construction, caravanning, and agriculture.

Attack Overview

The ransomware group Black Basta, known for its sophisticated cyberattacks, targeted Hymer-Leichtmetallbau, leading to a significant security breach. The attack resulted in the theft of approximately 2 TB of sensitive data, including internal company data, project details, corporate communications, user information, and personal employee data. The specifics of the ransom demand have not been disclosed, highlighting the ongoing threat and potential negotiations between the attackers and the victim.


A recent data breach in a manufacturing firm underscores the susceptibility of such companies to cyberattacks, particularly ransomware groups like Black Basta. This breach not only threatens the firm's operations but also puts its clients and partners across different sectors at risk due to compromised data.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.