Hackers Now Striking Death Blows To Successful Companies

The Einhaus Group was once a familiar name in Germany, boasting 170 employees offering its services through 5,000 retail outlets with an annual revenue close to $82 million dollars. The Einhaus Group invented electronics insurance in Germany, including a popular 24-hour cell phone repair or replacement service.

On the day of the hacker attack in early 2023, Wilhelm Einhaus, founder of the Einhaus Group, recalls coming into the office in the morning to witness a ‘horrific’ greeting. On the output tray of every printer in the office was a page announcing, “We've hacked you. All further information can be found on the dark web.”

These particular Digital Kleptos™ planted the “Royal” ransomware in the Einhaus network, and encrypted all their systems, including contracts, billing, and communication data. Einhaus lost access to critical data, and daily business operations came to a standstill within hours. Einhaus estimates the damage wound up in the mid-seven-figure range. The hackers then demanded a ransom payment of $230,000 in the popular cryptocurrency, Bitcoin.

Because their operational systems were completely nonfunctional, there was an immediate and painful impact on Einhaus. The police were involved promptly. Business losses and damages continued piling up. Day-to-day operations without their computer systems were simply not possible.

In order to save the business, Einhaus management made the painful decision to pay the ransom, hoping that would end this painful chapter in their long history. But so much damage had already been done, that wasn’t enough.

Einhaus decided on drastic action to resolve the crisis. Once it boasted a workforce of 170 people. Einhaus immediately reduced that number to just eight employees. Imagine a business of this size and business volume having to process insurance claims by hand with just 8 employees.

Needing to generate immediate, short-term funds, the company even sold its headquarters building.

Then local prosecutors arrested three hacking suspects, and seized “crypto assets in the high six-figure euro range.” Einhaus might have anticipated some satisfaction now that the hackers might face justice, and they’d get their ransom payment returned.

The firm was desperate to recover its ransom funds, but the prosecutor’s office refused to release the money until it completed its investigation. Einhaus even sued for the return of their money. But other ransomware victims are also waiting for refunds. It seems unlikely that the businesses targeted by the cybercriminals will recover all their funds, since the three hackers may have already spent some of the stolen money.

"The fact that we, as the proven victims, are not recouping the extorted funds, even though they have been confiscated, has derailed our restructuring efforts," explained Managing Director Wilhelm Einhaus.

The Einhaus Group has now entered into Insolvency proceedings which may very well lead to bankruptcy. The combination of lost revenue, elimination of their seasoned workforce, the exorbitant ransom payment, and the refusal of the local prosecutor’s office to return their funds created a death spiral the company simply couldn’t recover from.

We now know of 4 successful businesses which have been not simply damaged — but destroyed — by hacking:

KNP Logistics — one of England’s largest transportation companies
Einhaus Group — a highly successful Germany electronics insurance company
The Stoli Group — two US subsidiaries of alcohol giant Stoli Group filed for bankruptcy
Vastaamo — a psychotherapy clinic in Finland; hackers blackmailed its patients using data they stole from its systems

These are the only businesses which have been publicly reported. There may be many others.

As a society, we must tell cybersecurity stories more persuasively to a much wider audience.

Businesses of all kinds need to recognize that cybersecurity isn’t just one of many IT issues the technical folks handle — cybersecurity is a foundational business survival requirement.

Join us

Weekly resources to help keep you safer online — protecting you from hackers, online scammers, and other Digital Kleptomaniacs™.

No spam. No selling your email. Just factual, actionable information once a week, from people who truly care about online security.  You can unsubscribe any time — but we hope you’ll want to stay with us on this journey.

Cybersecurity is a modern form of wealth, and you deserve to keep what you've earned.

Looking forward to connecting again next week.

— Anthony Collette

Digital Kleptos™