Ransomware victim disclosure
← All victimsDeCeTe Duisburger Container-Terminalgesellschaft mbH (Hutchison Ports Duisburg)
listed as DeCeTe · Claimed by Chaos · listed 9 months ago
Status timeline
- ListedOct 28, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileDeCeTe Duisburger Container-Terminalgesellschaft mbH, now operating as Hutchison Ports Duisburg, is an inland container terminal located in Duisburg, Germany, in the heart of the Ruhr region. The facility offers barge, rail, road, and terminal services, functioning as a major intermodal logistics hub connecting inland Germany to European seaports. It is part of the global Hutchison Ports group and has been in operation since 1983.
- Industry
- Container Terminal & Intermodal Logistics
- Address
- Stahlinsel 9, 47138 Duisburg, Deutschland
- Founded
- 1983
Attack summary
Severity: high — The victim is a critical intermodal logistics and container terminal operator serving as a key infrastructure node in Germany's supply chain; confirmed data publication by the threat actor indicates successful exfiltration, posing significant operational and business risk even without explicit data inventory details.The Chaos ransomware group claims to have attacked DeCeTe Duisburger Container-Terminalgesellschaft mbH and has published data, though no specific data size or ransom demand has been stated. The disclosure status indicates data has been published, suggesting exfiltration of company data.
Data the group says was taken
AI dossier — extracted from the leak post- Undisclosed company data
What the group claims
DeCeTe Duisburger Container-Terminalgesellschaft mbH
Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

