German leasing association Deutsche Leasing disclosed a cyberattack on its systems, leading to a complete shutdown of its IT services, including data and email systems. The attack, reported on May 3, affected the organization’s 2,850 employees and customers, disrupting access to critical systems. While new leasing contracts can be signed on paper, they cannot be transferred to the IT systems and activated. The full impact of the attack, including the presence of ransom demands or ransomware, is yet unknown, and there’s no clear timeline for system restoration.
Deutsche Leasing, owned by 350 German saving banks, holds a prominent market position in the German SME sector and is recognized as one of Europe’s top 5 leasing providers. The subsidiaries Deutsche Anlagen-Leasing (DAL) and Deutsche Factoring Bank (DFB) remain unaffected by the shutdown, as they operate on separate IT systems. The company is actively collaborating with investigative authorities to analyze the attack and aims to make systems and data available again, but the timeline for rebooting remains uncertain.
With extensive IT shutdowns often taking more than a month to restore normal business operations after cyberattacks, Deutsche Leasing faces challenges in managing the aftermath of the incident. The association expressed regret for the inconvenience caused to potentially affected individuals, emphasizing its commitment to resolving the issue promptly. As the situation unfolds, the organization is working to assess the extent of the attack, understand potential data exposures, and implement measures to prevent such incidents in the future.
