Ransomware victim disclosure
← All victimsElektro Buder
listed as elektro-buder.at · Claimed by Lynx · listed 10 months ago
Status timeline
- ListedSep 4, 2025
- Data leakeddate unknown
At a glance
- Group
- Lynx
- Status
- Data leaked
- Country
- Austria
- Sector
- Telecommunication
- Listed on leak site
- Sep 4, 2025
About the victim
AI dossier — public-source company profileElektro Buder is an Austrian electrical contracting firm serving the Gunskirchen and Wels region with over 40 years of experience. The company offers electrical installations, photovoltaic systems, KNX/Loxone smart-home automation, network technology, security systems (alarm, fire, CCTV), and building technology services. It operates as a licensed trade business (Innungsfachbetrieb) in Upper Austria.
- Industry
- Electrical Installation & Building Technology Services
- Address
- Gunskirchen / Wels area, Upper Austria, Austria
Attack summary
Severity: medium — Data is stated as published by the group, indicating exfiltration occurred, but no specific sensitive regulated data categories (e.g. medical, financial at scale) are confirmed, no data size is given, and the victim is a small regional electrical contractor, limiting overall impact scope.The Lynx ransomware group claims to have attacked Elektro Buder and lists the disclosure status as data_published, indicating data has been exfiltrated and published. The leak post content is limited and does not detail specific data categories or volumes stolen.
Data the group says was taken
AI dossier — extracted from the leak post- Business/operational data
- Customer records
- Employee records
What the group claims
Es ist sicher, in dieser auerordentlichen Lage Elektroinstallationen durchzuführen. Für die Innungsfachbetriebe der E-Handwerke hat die Gesundheit aller Kunden und Mitarbeiter oberste Prioritt. Diese groe Verantwortung nehmen wir selbstverstndlich wahr. Wir möchten Ihnen die Manahmen aufzeigen, an die sich unsere Mitarbeiterinnen und Mitarbeiter strikt halten, um maximale Prvention zu gewhrleisten. Trotz der auerordentlichen Lage müssen wir unter Beachtung gewisser Schutzmanahmen unserer Arbeit weiter nachgehen können.
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

