Ransomware Attack on LEMKEN by 8Base Cybercrime Group

Incident Date:

May 20, 2024

World map



Ransomware Attack on LEMKEN by 8Base Cybercrime Group






Boigny-sur-Bionne, France

, France

First Reported

May 20, 2024

Ransomware Attack on LEMKEN by 8Base Cybercrime Group

Company Profile

LEMKEN is a leading international manufacturer of agricultural machinery, specializing in soil cultivation, seeding, crop protection, and harvesting. The company, founded in 1780 and headquartered in Alpen, Germany, has a global presence with 1,600 employees worldwide and an annual revenue of €400 million.

Company Standout

The company stands out in the agricultural machinery manufacturing industry for its visionary and sustainable approach, long tradition spanning over 240 years, global presence in 31 locations, and diverse product range that includes tillage implements, seed drills, hoeing machines, fertiliser spreaders, and smart agricultural data management solutions.

8Base Ransomware Group

The 8Base ransomware group, active since April 2022, has gained notoriety for targeting small and medium-sized businesses across various sectors, including agriculture. Known for its double-extortion tactics, 8Base encrypts files and threatens to release stolen data if the ransom is not paid. The group uses ransomware strains like Phobos and is believed to spread through phishing emails, exploit kits, and drive-by downloads.

Ransomware Attack Details

The ransomware attack on LEMKEN by 8Base highlights the need for robust cybersecurity measures. The attack likely exploited vulnerabilities in the company's systems, potentially through phishing emails or other means, to gain unauthorized access and encrypt files. Immediate and long-term actions are crucial to mitigate the impact and prevent future incidents.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.