As Canyon announced on 6 January, Canyon Bicycles GmbH was the target of a massive criminal cyber attack shortly before the turn of the year. It appears to be a professionally organised group of criminals who specialise in attacking companies. The perpetrators managed to gain access to Canyon's IT systems. Software and servers were encrypted and thus partially paralysed. Not affected was the WebsiteOrders via the webshop can and could be placed as usual. The attack has now been identified and, as far as we know, has been stopped.
Canyon informed the relevant authorities immediately after becoming aware of the cyber attack. Since then, the company has been working closely with the Koblenz criminal investigation department and the State Office of Criminal Investigation. The State Commissioner for Data Protection in Rhineland-Palatinate has been informed. Criminal charges have been filed against the perpetrators. Experts from the fields of IT, forensics and cyber security were able to quickly analyse and control the attack and have already introduced solutions and countermeasures.
Interview with Thorsten Lewandowski (Global Communications Manager)
BIKE: At first you don't think of a hacker attack. How quickly did you realise that these were not "normal IT problems"?
We noticed this immediately on 27 December, the first working day after Christmas. The assembly of wheels was supposed to start in the factory at 5.55 a.m., but the system was not authorised. Our IT department immediately realised that it was a hacker attack.
What was the impact of the hacker attack?
We were 100 per cent incapacitated. Assembly was not running, shipping logistics, telephone and emails were not working and we had no access to our servers and data. We are now able to send bikes out again, but the line assembly is still not running. In the first few days, this meant that customers were still able to order bikes but did not receive order confirmations. If customers then wanted to enquire, they were unable to contact us by phone or email. However, this is now working again - albeit manually.
Do you know where this attack came from?
I cannot and must not say anything about this, as the criminal investigation department and the state criminal investigation department are involved and it is an ongoing investigation. But it is certain that the perpetrators are professionally organised and wanted to target the Canyon company with their attack.
How long will there be delays in servicing and delivering bikes?
We are not yet able to estimate this precisely. We currently have to expect delays. Our service department is also still struggling with restrictions. But we are trying to minimise the delay as much as possible. We are working flat out to get back to normal operations in terms of dispatch speed and service quality.
