Connect with us

Hi, what are you looking for?



Cyberattack Disrupts Production at Varta Battery Factories

Production at five plants of German battery maker Varta has been disrupted by a cyberattack, possibly a ransomware attack.

Germany-based battery manufacturer Varta revealed on February 13 that production at five of its plants had been disrupted as a result of a cyberattack.

The attack was detected on February 12 and forced the company to shut down IT systems and disconnect them from the internet, which caused disruption to production, as well as to administrative processes. 

“The extent of the actual damage cannot be determined at this time,” Varta said. “In accordance with the emergency plan for such situations, the necessary precautionary measures were implemented immediately.” 

“Additionally, a task force was set up instantly to restore normal operations as quickly as possible and deal with the incident with the support of cyber security experts and data forensics specialists,” it added.

Varta manufactures batteries for the automotive, consumer, and industrial sectors. The company is present in 45 countries and regions around the world, and has production facilities in Germany, China, Romania and Indonesia. 

Varta representatives told German media that the production sites impacted by the cyberattack are in Germany, Romania and Indonesia. Production was still reportedly halted on February 14 and the company could not estimate when it may resume. 

The company’s brief description of the incident suggests that it could be a ransomware attack. No known ransomware group appears to have taken credit for the attack on Varta, but victims are typically named only after negotiations have stalled or failed. 

Related: The Ransomware Threat in 2024 is Growing: Report

Advertisement. Scroll to continue reading.

Related: Johnson Controls Ransomware Attack: Data Theft Confirmed, Cost Exceeds $27 Million

Related: Ransomware Payments Surpassed $1 Billion in 2023: Analysis

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.


People on the Move

Kim Larsen is new Chief Information Security Officer at Keepit

Professional services company Slalom has appointed Christopher Burger as its first CISO.

Allied Universal announced that Deanna Steele has joined the company as CIO for North America.

More People On The Move

Expert Insights

Related Content


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.