Ransomware victim disclosure
← All victimsWebasto
listed as Carlex Glass Luxembourg S.A. · Claimed by Metaencryptor · listed 2 years ago
Status timeline
- ListedJul 31, 2024
- Data leakeddate unknown
At a glance
- Group
- Metaencryptor
- Status
- Data leaked
- Country
- Luxembourg
- Sector
- Manufacturing
- Listed on leak site
- Jul 31, 2024
About the victim
AI dossier — public-source company profileWebasto is a global automotive supplier and one of the top 100 in the industry, headquartered in Germany with 125 years of operation. The company specializes in roof systems (openable, fixed, convertible), thermal management solutions (heating and cooling), and battery systems for passenger vehicles and commercial applications. Carlex Glass Luxembourg S.A., located in Grevenmacher, is a subsidiary that produces glass elements for passenger cars and serves major international automotive manufacturers.
- Industry
- Automotive Supplier – Roof Systems, Thermal Management & Battery Solutions
- Address
- Grevenmacher, Luxembourg
- Founded
- 1901
Attack summary
Severity: low — The disclosure is a bare listing with no proof files, no data inventory detail, no confirmation of exfiltration, and no stated ransom or operational impact. Only a description of the target company is provided.Metaencryptor claims to have compromised Carlex Glass Luxembourg S.A. (Webasto subsidiary). The leak post provides no specific details on the nature of the attack, data exfiltrated, or operational impact.
What the group claims
Carlex Glass Luxembourg SA in Grevenmacher is a part of Webasto, the world leader in roof systems and convertible roofs as well as parking heaters. Carlex produces glass elements for passenger cars, counts many international car manufacturers among its customers and was formerly part of Carlex Glass America, LLC, headquartered in Nashville, Tennessee (USA).
Sources
- Victim sitewebasto.com
- Leak posthttp://metacrptmytukkj7ajwjovdpjqzd7esg5v3sg344uzhigagpezcqlpyd.onion/0AFC:b4935496481d47ffc684cf0a094e99b9/0AFC:7355d6ee6999e9389c2c7632900bc55c3d2ce207b128f2855fd76509624b7f8c/0AFC:7ce751aa15183bb846fe9e1aff476eb1a518f229b3255b27796d0fb3ddfabfb7d49a8534d6e93f30b5acab919b3bec5f
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

