Fasana, a well-known German paper napkin manufacturer with roots going back to 1919, has been pushed into insolvency after a paralyzing ransomware attack disrupted every aspect of its operations. The attack struck in mid-May and quickly escalated into a full-blown business crisis.
How the Ransomware Attack Crippled Fasana’s Operations
On May 19, Fasana’s entire printing infrastructure suddenly began producing ransom notes. According to reports, every system—from laptops to desktop PCs—was locked down. By May 20, the company was unable to process orders worth over €250,000.
For nearly two weeks, Fasana was unable to:
- Print delivery notes or invoices
- Fulfill customer orders
- Process employee salaries
In total, this downtime led to financial losses exceeding €2 million. Dr. Dirk Wegener, the court-appointed insolvency administrator, confirmed that even basic business operations were rendered impossible:
“We couldn’t even print a delivery note,” he stated.
Fasana employs 240 workers and is based in Stotzheim, Germany. It had recently changed ownership in March after being acquired by the Powerparc Group, but the cyberattack has now forced the company to seek a new buyer under strict time constraints.
Known Ransomware Group Behind the Attack, But Identity Withheld
WDR, a German public broadcaster, reported that the ransomware used in the attack is tied to a group already known to law enforcement. The malware spread rapidly through Fasana’s network, encrypting files and locking out employees.
While the hackers made clear their financial motivations, they have not made a public ransom demand, and no well-known ransomware group has claimed responsibility as of now. The method of entry also remains unknown.
Systems Are Slowly Being Restored
Despite the extensive damage, Fasana has managed to resume limited operations. Deliveries restarted last week, and the company is once again able to issue invoices.
But time is tight. As reported by Golem, the manufacturer now has just eight weeks to find a new buyer. The search is further complicated by unfavorable market conditions, including high raw material costs and reduced commercial activity during the summer months.
Cyberattacks Expanding Across German Industrial Sectors
The Fasana incident is not an isolated case. Regional authorities in Euskirchen have also faced recent cyberattacks, pointing to a broader wave of ransomware campaigns targeting German organizations.
Attackers see small and mid-sized industrial players as particularly vulnerable. Many of these firms operate legacy systems that are hard to secure but vital to daily operations—making them lucrative targets for ransomware campaigns focused on disruption and extortion.
Ransomware Risk in Manufacturing and Supply Chain Disruption
Manufacturers like Fasana rely heavily on digitized production and logistics systems. A ransomware event doesn’t just lock files—it can halt entire production lines, delay client deliveries, and trigger regulatory and financial consequences that reverberate for weeks.
If you’re operating in a similar environment—especially in manufacturing, logistics, or supply chain management—ransomware attacks can bring your operations to a standstill.
Looking for a trusted recovery solution?
Defend your organization with StoneFly DR365—an air-gapped, immutable backup and recovery appliance trusted by enterprises to ensure zero data loss even in the event of complex cyberattacks.
