Cyber Incident
at SEMIKRON

Information on the Cyber Incident at SEMIKRON

SEMIKRON cares very much about a trustful and transparent cooperation with its customers and partners. Therefore, we would like to inform you that the SEMIKRON Group has become a victim of a cyber attack by a professional hacker group.

Nuremberg, 13.10.2022 - Update on IT recovery after cyber incident

SEMIKRON systems were recently affected by a cyber incident, which resulted, among other things, in the encryption and exfiltration of certain data.

Firstly, and importantly, we want to reassure that there is no evidence of any actual or attempted criminal misuse of information relating to our partners and customers in the context of this incident. However, we do want to keep providing information about the incident as well as the recovery so all partners can understand what happened and how we responded to the incident.

We also want to emphasize that the effected data is unrelated to the SEMIKRON webpages. These pages are handled on a network that is independent of the affected SEMIKRON network. Therefore, any documents or data downloaded from this website are not considered to be a risk.

What happened and how did we respond to the incident?

On July 29, 2022, we detected an incident impacting our internal IT systems. As soon as we discovered the incident, we promptly initiated response protocols and extensive containment measures, which included, among other things, isolating the infected network, launched an investigation with the assistance of third-party cybersecurity and forensic experts, and implemented our business continuity plans to minimize disruption to our customers and business partners and ensure the ongoing security of our systems. Consequently, most of our manufacturing environment had to be stopped. We worked together with external IT security experts to fully contain and remediate the incident.

In addition, to protect our employees, customers, and business partners from similar incidents in the future, we implemented a comprehensive set of security measures for our IT systems. The entire infrastructure is being rebuilt, based on the infrastructure of the Danfoss Group.

What is the impact on business?

The recovery process is running with focus on minimizing the disruption at our customers and partners. All our production lines worldwide are being re-started in a prioritized sequence defined, and this process is running according to plan, but until the final recovery, there might be deviations to certain procedures in the value chain.

The security of data and the minimization of any disruption is a top priority for us. We can assure that we have been doing, and will continue to do, everything we can to ensure the ongoing resilience of our systems and to prevent this type of incident from occurring again.

We thank all our customers and other business partners for their understanding. When new information is available, it will be posted on this website.

If you have any further questions, please feel free to contact us.

Nuremberg, 07.09.2022 - Semikron Danfoss informs customers about recovery process after cyber-attack

Semikron Danfoss is working hard towards the goal of resuming production at all facilities in order to return to regular business operations. For us, transparency to our customers and other business partners is critical to our mutual success in overcoming this difficult time.

We have therefore been in regular contact with customers for several weeks. We are keeping them individually informed about the current situation, the milestones achieved, and the next steps to eliminate the consequences of the cyber-attack.

This week, we also launched a webcast to efficiently inform larger customer groups about our progress. In this webcast, we report to invited customers on the overall situation after the cyber-attack. We provide an update on our progress in restoring our ability to produce and on the steps still to come as part of our recovery plan. Most importantly, we share with them our forecasts on the path to business.

We recognize that our customers' businesses depend on our ability to resume regular operations. We thank all our customers and other business partners for their understanding.

As soon as new information is available, it will be posted on this website. If you have any further questions, please feel free to contact us.

Nuremberg, 19.08.2022 - Further progress in recovery process

The SEMIKRON recovery process is going as planned. We are making further progress in rebuilding our worldwide communication and IT systems. We are currently finalizing our roadmap to get full access to our IT infrastructure. Following that we will be able to start ramp up of our production, focusing primarily on our three main sites in Germany, Italy and Slovakia. Other locations will follow directly thereafter.

Our highest priority is to serve our customers with products in the fastest way possible.

For the time being, we are not able to serve all our customers according to demand, and we apologize for any inconvenience and consequences the cyber-attack has on our customers.

The establishment of our new email system has been finalized and communication has been secured in a new, clean environment. All SEMIKRON employees have now been equipped with a @semikron-danfoss.com email address. External partners (customers, suppliers, etc.) will receive emails from the @semikron-danfoss.com domain and can send Emails to this domain.

As soon as further information is available, it will be published on this site.

If you have any questions, do not hesitate to contact us.

Nuremberg, 11.08.2022 - Communication to SEMIKRON has been reestablished

All approvals for the SEMIKRON Danfoss merger have been obtained and the cyber-attack on SEMIKRON has no impact on the merger process. Danfoss is supporting SEMIKRON in recovering from the cyber-attack on SEMIKRON Friday 29th July. One of the first priorities was to establish secure communication ways in a clean environment. Therefore, external partners (customers, suppliers, etc.) will receive emails from the @semikron-danfoss.com domain and can send Emails to this domain.

Example: firstname.surname@semikron-danfoss.com

All SEMIKRON employees have been equipped with a @semikron-danfoss.com email address.

The recovery process is running as planned.

As soon as further information will be available, we will publish them on this site.

If you have any questions, do not hesitate to contact us.

Nuremberg, 04.08.2022 - SEMIKRON is containing the cyber incident

As informed at the beginning of the week the SEMIKRON Group has become a victim of a cyber-attack by a professional hacker group. Thanks to our strong security measures and our preventive preparations for emergencies, we are making great progress in containing the cyber incident. All necessary measures to limit possible damages have been initiated immediately.

Together with a team of external cyber security and forensic experts, we are investigating the incident, securing our systems and data, and restoring our ability to work. With this process gaining momentum we are getting an overview of the full impact of the incident.

We do not have any definite information about data leaks at this moment. As soon as more detailed information about a possible data leak is available, the potential affected customers and partners will be informed. We are supported by the responsible authorities in this investigation and in the coordination of further measures.

We are in the process of finalising our recovery plan, with the aim to minimise the disruption to our employees, customers, and partners. As soon as this is fully defined, we will share it with employees, customers and partners as well as sharing an update via our homepage.

Further updates on the situation will be published on this page regularly.

If you have any questions, remarks or indications regarding the cyber incident, please contact us.

We will answer your enquiry as soon as possible.

 

Additional information for Customers:

Dear Customers,

due to the cyber incident, we are currently holding our production. As long as we cannot guarantee clearance of the cyber-attack completely from our systems, we will not have access to our landline or E-mail communication. We are however still reachable via our business mobile contacts.

We will inform you about any updates as soon as they are available. Further updates will be given to you on our homepage on a regular basis.

Thank you for your understanding!

Yours sincerely
SEMIKRON Management

Nuremberg, 01.08.2022 - Cyber Incident at SEMIKRON

The SEMIKRON Group has become a victim of a cyber-attack by a professional hacker group. As part of this attack, the perpetrators have claimed to have exfiltrated data from our system. Whether this is the case and which data are concerned is currently subject to investigation. The competent authorities for the SEMIKRON Group headquarter have been informed.

As soon as more detailed information about a possible data leak is available, any and all affected persons will be informed within the scope of applicable legal requirements. The attack has also led to a partial encryption of our IT systems and files. The entire network is currently being forensically investigated and cleaned up.

We immediately initiated all necessary measures to limit possible damage. With the support of external cyber security and forensic experts, we are investigating the incident. At the same time, we are working to restore the ability to work in order to minimise the disruption to our employees, customers and partners and to ensure the security of our IT systems. In addition, we are supported by the responsible authorities in the investigation and coordination of further measures.

If you have any questions, remarks or indications regarding the cyber incident, please contact us.

We will answer your enquiry as soon as possible.

Thank you for your understanding!

Yours sincerely
SEMIKRON Management 

Contact

If you have any questions, remarks or indications regarding the cyber incident please get in contact. We will answer your enquiry as soon as possible.

Contact