Ransomware victim disclosure
← All victimsGühring KG
listed as Guhring was hacked. Thousands of confidential files stolen. · Claimed by Knight · listed 3 years ago
Status timeline
- ListedOct 9, 2023
- Data leakeddate unknown
At a glance
- Group
- Knight
- Status
- Data leaked
- Country
- Germany
- Sector
- Manufacturing
- Listed on leak site
- Oct 9, 2023
About the victim
AI dossier — public-source company profileGühring KG is a German manufacturer specializing in precision cutting tools, including drills, milling cutters, and threading tools, headquartered in Albstadt, Baden-Württemberg, Germany. The company operates globally with subsidiaries and distribution in numerous countries and is considered one of the world's leading producers of rotary cutting tools. It serves industries such as automotive, aerospace, and general engineering.
- Industry
- Precision Cutting Tools Manufacturing
- Employees
- 1001-5000
- Founded
- 1898
Attack summary
Severity: high — The group claims confirmed exfiltration of thousands of confidential files from a significant international manufacturing company, and the status is listed as data_published, indicating data was likely released; however, no specific regulated or sensitive personal data (medical, financial, government) is confirmed, placing this at high rather than critical.The Knight ransomware group claims to have stolen thousands of confidential files from Gühring and threatened to publish all data publicly within 72 hours unless the company made contact to negotiate protection of its data.
Data the group says was taken
AI dossier — extracted from the leak post- Confidential business files
- Internal company documents
What the group claims
This blog will be published 72 hours after the attack, all data will be posted publicly unless Guhring does not contact us to protect its data or ignores this message.
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

