Qilin Ransomware Targets German Political Party Die Linke, Data Stolen

Qilin Ransomware Targets German Political Party Die Linke, Data Stolen

First seen 4 Apr 2026, 18:13 UTC BleepingcomputerSecurityaffairs.CoScworldEscudodigitalCybernews 88% similarity 58.0

Article Content

Browse articles
ThreatCluster

The Qilin ransomware group has claimed responsibility for a cyber attack on Die Linke, a German political party, asserting that they have stolen sensitive data and are threatening to leak it. The attack occurred on March 27, 2026, prompting Die Linke to disclose a cyber incident, although they did not confirm a data breach at that time. The party, which has 123,000 registered members and 64 representatives in the Bundestag, stated that their membership database was not compromised. Qilin, identified as a Russian-speaking group with financial and political motives, has been linked to previous attacks on political entities in Germany. As of April 1, 2026, Qilin added Die Linke to its data leak site without releasing any data samples. The party has reported the incident to German authorities and is collaborating with IT experts for system recovery. The attack is perceived as part of hybrid warfare targeting critical infrastructure.

Key Points: • Qilin ransomware group claims to have stolen data from Die Linke political party. • The attack occurred on March 27, 2026, but the party did not confirm a data breach. • Die Linke's membership database was not affected, and they are working with authorities.

ThreatCluster AI

Timeline

2026-03-27
Qilin ransomware group compromises Die Linke's network.
2026-04-01
Qilin claims the attack publicly and adds Die Linke to its leak site.
2026-04-03
Die Linke confirms the cyber incident but not a data breach.

Community

Browse all →