Einhaus Group

History

2025: Bankruptcy due to ransomware virus attack

The German Einhaus Group, which specializes in mobile phone insurance, repair and logistics, filed for bankruptcy after what cyber attacks programs extortioners happened in 2023. The company was unable to recover from enciphering critical data by a group of Royal hackers, despite paying a ransom of €200,000 in bitcoins. Three subsidiaries of the group, including 24logistics, ceased operations, and the staff was reduced from 170 to 8 employees. This became known in August 2025.

According to The Register, at its peak, Einhaus Group served more than 5,000 retail stores throughout Germany and collaborated with major telecommunications companies Deutsche Telekom and 1 & 1. The company's annual revenue was €70 million before the cyber attack.

𝓲

Фото: Freepik

In 2023, the Royal ransomware group infiltrated the company's corporate systems and encrypted sensitive data, including contracts, accounts and internal correspondence. Attackers left warning messages on office printers notifying of a security hack.

The cyber attack led to a complete shutdown of the company due to the blocking of critical IT systems. In the following months, Einhaus Group suffered multimillion-dollar losses from lost profits and production process downtime. The total damage from the incident amounted to seven figures in euros.

The company's management decided to pay a ransom to hackers in the amount of €200 thousand in cryptocurrency to restore access to blocked data. However, obtaining decryption keys did not lead to a complete restoration of the enterprise's operating activities.

German cybercrime law enforcement agencies have identified three suspects in the attack. Prosecutors confiscated cryptocurrency funds obtained by criminals as a ransom, but did not return them to the affected company.^[1]

Notes