ThyssenKrupp, the German steelmaker, disclosed Thursday (Dec. 8) that it was hacked and the bad guys stole technical trade secrets from its steel product and manufacturing plant design divisions.
According to a report by Reuters, the cyberattacks occurred earlier in the year. The steelmaker said the attackers resided in Southeast Asia and that the hack was “organized, highly professional hacker activities.” The company went on to say the breaches were discovered in April by the company’s internal security team. It was able to trace it back to February, when hackers stole data from its plant engineering division and other areas the company hasn’t determined yet.
“ThyssenKrupp has become the target of a massive cyberattack,” the industrial conglomerate said in a statement, according to Reuters.
According to the report, ThyssenKrupp said it held off on making the attacks public until it identified and cleaned the systems that were infected. “It is important not to let the intruder know that he has been discovered,” a spokesman told Reuters. The steel company filed a criminal complaint in the state of North Rhine-Westphalia, and an investigation is currently going on. State and federal cybersecurity and data protection authorities were kept abreast of the hack developments, as was the board of ThyssenKrupp. ThyssenKrupp said its systems operating steel blast furnaces and power plants were not impacted by the breach, nor was its marine systems unit, which produces military submarines and warships, noted Reuters. Although ThyssenKrupp hasn’t said how much the breach will ultimately cost it, Reuters said, in general, cyberattacks cost companies billions of dollars, and China is frequently blamed for hacks of companies.