German logistics provider Hellmann Worldwide Logistics has warned customers social engineering attacks could target them after being hit by a ransomware attack earlier this month.
In an update on the incident, which forced the company to take its IT systems temporarily offline on December 9, Hellmann confirmed that the attackers extracted data. While it is still investigating what type of data was stolen, the firm warned its partners and customers to beware of fraudulent emails and calls “in particular regarding payment transfers, changing bank details or the like.”
While reassuring customers that email and phone communication with Hellmann staff remains safe, they should take steps to ensure any contact from someone purporting to be from the firm is genuine.
Hellmann stated: “As reported, the forensic investigation has confirmed that data was extracted from our servers before our systems were temporarily taken offline as a precautionary measure on December 9. We are currently investigating what type of data was extracted. Should we receive indications that third parties are affected, we will inform them proactively. We are in regular contact with relevant government authorities.”
The company also confirmed its sales team continues to be reachable 24/7, and customers with any questions about the incident can email Crisisfirstname.lastname@example.org.
Hellmann was founded a century and a half ago and has 489 offices across 174 countries. The company handles approximately 16 million shipments per year, and in 2020, it reported revenues of $2.8bn.
In its original statement regarding the attack, the company said: “We can currently not rule out that there have been data leakages or unauthorized use of data.”
Social engineering attacks, such as phishing, are more likely to succeed if the attackers can tailor their communications to individuals, as they look more plausible. They are often able to do this through accessing personal information like names, email addresses and date of birth through data breaches.