Ransomware victim disclosure
← All victimsLEMKEN
Claimed by 8Base · listed 2 years ago
Status timeline
- ListedMay 20, 2024
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileLEMKEN is a German family-owned agricultural machinery manufacturer founded in 1780, now with 1,600 employees worldwide and €400 million annual turnover. The company designs and manufactures tillage implements, seed drills, hoeing machines, fertiliser spreaders, and digital agriculture solutions for sustainable farming.
- Industry
- Agricultural Machinery & Equipment Manufacturing
- Employees
- 1600
- Founded
- 1780
Attack summary
Severity: medium — Data published on dark web with high ransom demand ($400M) suggests significant exfiltration, but the leak post provides no specific details about data type, sensitivity, or proof artifacts. No regulated/sensitive data categories (PII at scale, medical, financial, government) are explicitly mentioned. Medium confidence in actual breach scope.The 8Base group claims to have compromised LEMKEN and exfiltrated data. The group's post does not explicitly detail the type of attack (encryption vs. data theft) or specify which data categories were stolen.
Data the group says was taken
AI dossier — extracted from the leak post- corporate systems
- business records
What the group claims
LEMKEN enjoys a worldwide reputation as a visionary, sustainably operating company that makes an important contribution to profitable agriculture. A medium-sized German family company, LEMKEN has applied its expertise and passion for progress for 241 years, delivering solutions for the challenges confronting agriculture today and tomorrow. The company's product range includes tillage implements, seed drills, hoeing machines, fertiliser spreaders and smart solutions for agricultural data management. LEMKEN currently employs 1,600 staff worldwide and has an annual turnover of about €400 million. www.lemken.com
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

