Ehrmann SE is a dairy headquartered in Germany. It has production facilitites in Russia and Brazil, as well as sales offices in Italy, Spain, the Czech Republic, Poland, Finland and China. The multinational firm has reportedly been hit by hackers. All we really know so far, as reported yesterday by Jens Noll and Sabrina Karrer, is that the dairy was attacked last week. The dairy confirmed the attack to Augsburger Allgemeine, but did not provide any statement about the scope of the breach. Thomas Schwarz and Sabrina Karrer subsequently had a small update to the report, noting that the police had informed them that the threat actors had demanded a “million dollar sum” (machine translation) but that Ehrmann had not paid and just contacted the police. Most Russian threat actors avoid hacking Russian entities or CIS entities. Ehrmann has a Russian production faciity. Were the threat actors non-Russian, or were they Russian hackers who may have erred in their target selection? DataBreaches.net has sent an email inquiry to Ehrmann asking if they can identify the threat actors and if their system was encrypted. This post will be updated if a reply is received. Reporting by Chum1ng0. Editing and comment by Dissent.