Back

Qilin Ransomware Targets German Political Party Die Linke, Data Stolen

Severity: Medium (Score: 58.0)

Sources: Securityaffairs.Co, Bleepingcomputer

Summary

The Qilin ransomware group has claimed responsibility for a cyber attack on Die Linke, a German political party, asserting that they have stolen sensitive data and are threatening to leak it. The attack occurred on March 27, 2026, prompting Die Linke to disclose a cyber incident, although they did not confirm a data breach at that time. The party, which has 123,000 registered members and 64 representatives in the Bundestag, stated that their membership database was not compromised. Qilin, identified as a Russian-speaking group with financial and political motives, has been linked to previous attacks on political entities in Germany. As of April 1, 2026, Qilin added Die Linke to its data leak site without releasing any data samples. The party has reported the incident to German authorities and is collaborating with IT experts for system recovery. The attack is perceived as part of hybrid warfare targeting critical infrastructure. Key Points: • Qilin ransomware group claims to have stolen data from Die Linke political party. • The attack occurred on March 27, 2026, but the party did not confirm a data breach. • Die Linke's membership database was not affected, and they are working with authorities.

Key Entities

  • Apt29 (apt_group)
  • Ransomware (attack_type)
  • Die Linke (company)
  • Germany (country)
  • WineLoader (malware)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1567 - Exfiltration Over Web Service (mitre_attack)
  • Qilin (ransomware_group)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed