Data security notice

Data stolen from dena have been published illegally. A review is ongoing and those affected have been informed of the interim status of the review.

dena learnt that the company had fallen victim to a ransomware attack on 13 November 2023. The central servers were compromised and some of them were encrypted. An external IT forensics team was immediately called in. It was able to identify the group of blackmailers with the help of the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, or BSI) and the State Office of Criminal Investigation. While these investigations were being carried out, the Berlin Commissioner for Data Protection and Freedom of Information was sent a report on the incident.

The cyberattackers were able to copy dena files and publish them on the dark web as part of the cyberattack. Once dena was aware of this incident, the company immediately launched a review of the illegally published data; this review is still ongoing. However, it is already possible to draw some conclusions. The illegal publication of the data may affect individual personal data such as:

  • contact and communication data
  • banking details
  • information on organisational affiliation and function/position in the organisation
  • information on customer history
  • personnel data relating to date of birth, personnel number, date of joining and leaving, working time model, date of birth and information on income tax classification such as tax ID, tax class, religious denomination, child allowance (as at 2013/2014) as well as information on remuneration and promotions, information on participation in dena training and further education programmes as well as documents from applications and employee interviews

dena shut down all systems and disconnected them from the internet immediately after becoming aware of the attack. Since then, dena’s server system has been completely reorganised. This work is still ongoing and is taking place under a completely new security architecture.

As a result of the ransomware attack, there were isolated cases of fake emails, text messages and phone calls using names of dena employees or alleged contacts within the dena organisation as senders. For this reason, we recommend that you remain vigilant and only respond to serious enquiries. 

If you have any questions, please contact our data protection officer at datenschutz(at)