Notification of a Personal Data Breach in Accordance with Article 34 GDPR

The protection of data is of the highest priority for Nickelhütte Aue GmbH. Due to the ransomware attack of which we have become a victim, we are in close contact with the competent authorities and are cooperating transparently with all relevant parties. Since we unfortunately cannot rule out that personal data has been affected and may have fallen into the hands of criminals who could misuse it, we have reported the incident to the data protection supervisory authority.

What happened? On October 18, 2025, a ransomware attack targeted our company’s office IT systems. In such attacks, criminals break into IT systems, encrypt data using malicious software, and thereby render it inaccessible. The attackers then demand a ransom in exchange for restoring access to the data. Through this attack, the perpetrators gained unauthorized access to our data.

Which data are affected? At this point, we cannot yet precisely determine which data have been affected. Potentially affected data may include contact details, names, email addresses, addresses, contractual information, etc. of customers, suppliers, partners, and employees stored in our address books. Sensitive data such as passwords, payment details, bank account information, and health data may also be affected. It cannot be ruled out that the compromised data could be used by the attackers to impersonate our organization or to conduct targeted phishing campaigns.

What measures have we taken? We reacted immediately by isolating the affected server, identifying and rectifying vulnerabilities, and strengthening our security measures. A comprehensive security review has been initiated to ensure that no other systems are affected. The incident was promptly reported to the competent data protection supervisory authority in accordance with Article 33 GDPR. We are working closely with IT security experts and our data protection officer to clarify the exact circumstances of the attack and to prevent similar incidents in the future.

What are the possible consequences? There is a risk that the compromised data could be used to conduct targeted phishing attacks or distribute malicious links. In addition, third parties may attempt to impersonate our company or our employees in order to deceive recipients of such emails.

Recommendations for affected individuals: To minimize potential risks, we recommend that you carefully review electronic communications for suspicious messages, especially those containing unknown links or attachments. Do not open links or attachments in emails that appear suspicious in origin or content. If you receive a suspicious email that appears to come from us, please contact us so that we can analyze it. You should also change any passwords that you may have used in connection with our company and, if possible, activate two-factor authentication for your accounts. For further information on security measures, we recommend visiting the websites of the Federal Office for Information Security (BSI) at https://www.bsi.bund.de
