Leading Crane Maker Palfinger Hit In Global Cyberattack

Leading crane and lifting manufacturer Palfinger is targeted in an ongoing cyberattack that has disrupted IT systems and business operations.

Palfinger is a leading maker of crane and lifting solutions commonly used for construction, and land and sea lifting, loading, and handling solutions.

Palfinger is an Austrian company with over 11,000 employees over 35 locations and generated €1.75 billion in revenue for 2019.

If you have first-hand information about this or other unreported cyberattacks, you can confidentially contact us on Signal at +16469613731 or on Wire at @lawrenceabrams-bc.

Also Read: PDPA Breach Penalty Singapore: How Can Businesses Prevent

Palfinger affected by global cyberattack

Palfinger’s site is currently displaying an alert warning that the company is experiencing a cyberattack that has taken down their e-mail and disrupted business operations.

“Currently, the PALFINGER AG and the majority of its sites are the target of an ongoing global cyber-attack with massive effects on its IT infrastructure. The extent and consequences of the attack cannot be assessed at this time, but intensive efforts are being made to find a solution.”

“For the time being, PALFINGER cannot be contacted via e-mail nor can it receive or process inquiries, orders, shipments and invoices. ­ Your personal points of contact during this phase are only available by telephone,” states Palfinger’s website alert.

A security notice titled ‘Cyber attack at PALFINGER Group’ also states that their Enterprise resource planning (ERP) systems are down and that “a large proportion of the group’s worldwide locations are affected.”

In an e-mail seen by BleepingComputer, Palfinger is alerting partners of the attack and advising them to use “alternative channels (mobile phone, SMS,Whatsapp, …)” to communicate with Palfinger contacts.

Palfinger has also asked partners to not create further purchase orders for the time being.

It unknown what is causing the cyberattack, but it is likely to be a ransomware attack.

Also Read: Data Protection Authority GDPR: Everything You Need To Know

This is a developing story.