Ransomware victim disclosure
← All victimswerk33 GmbH & Co. KG
listed as werk33.com · Claimed by Cloak · listed 3 years ago
Status timeline
- ListedAug 24, 2023
- Data leakeddate unknown
At a glance
- Group
- Cloak
- Status
- Data leaked
- Country
- Germany
- Sector
- Technology
- Listed on leak site
- Aug 24, 2023
About the victim
AI dossier — public-source company profilewerk33 GmbH & Co. KG is a German carpentry and manufacturing specialist based in Enzweihingen (Vaihingen an der Enz), Baden-Württemberg. The company designs, plans, and produces trade-fair constructions, bespoke furniture, interior fit-outs, showrooms, and exhibitions, offering full project management from consulting and planning through to logistics and installation. With approximately 64 employees, 24 master craftsmen and wood technologists, and an average annual turnover of around €10 million, it serves clients across retail, automotive, jewellery, and museum sectors.
- Industry
- Custom Carpentry & Interior Fit-Out
- Address
- Erich-Blum-Straße 33, 71665 Vaihingen / Enzweihingen, Germany
- Employees
- 64
Attack summary
Severity: medium — Data has been published by the threat actor, confirming exfiltration occurred, but no specific data categories (e.g. PII at scale, financial records, medical data) or data volume are detailed in the leak post; the victim is an SME carpenter/interior-fit-out firm rather than critical infrastructure.The Cloak ransomware group claims to have attacked werk33 GmbH & Co. KG and has published data ('data_published' status), indicating exfiltration of company data; no specific data volume or ransom demand was stated in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Company files (unspecified)
What the group claims
Country: germany
Sources
- Victim sitewerk33.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

