Update: Unauthorized access to parts of TÜV Rheinland Akademie GmbH’s training network

Personal data may be affected / TÜV Rheinland Academy proactively informs potentially affected persons and provides them with recommendations for action

As already announced on July 2 (see below), TÜV Rheinland Akademie GmbH discovered unauthorized access to parts of its training network in Germany in June and has since taken extensive security measures. TÜV Rheinland Akademie GmbH is a training provider under the umbrella of TÜV Rheinland. The training network is a separate network. The affected areas of the training network provide participants in training programs in Germany with access to certain training content, primarily via PCs in training rooms or loaner computers. After the cyber attack was detected, the affected network segment was deactivated. The corporate network of TÜV Rheinland and the rest of TÜV Rheinland’s training network are not affected.

Current forensic evaluations indicate that personal data may be affected during this attack. According to the current state of knowledge, this involves login data of training participants, in particular passwords individually set by training participants for participation in TÜV Rheinland Academy training courses. Although we have no evidence according to the current state of forensics, if persons are affected, TÜV Rheinland Academy will inform proactively potentially affected persons and provide them with recommendations for action and a contact channel for queries.

Once the cyber attack was detected, the affected network segment was disabled. All access to this part of the training network was deleted. TÜV Rheinland Academy has taken appropriate measures in line with the state of the art to effectively prevent any further potential breaches of data security of the data processed in connection with training participation. Experts are currently analyzing the incident and have begun reinstalling the training network servers. TÜV Rheinland Academy has reported the incident to the relevant data protection authority and has filed a criminal complaint against unknown persons.

The exact circumstances of the unauthorized access are the subject of a forensic investigation, which was initiated immediately after the incident became known and is still ongoing. As a result, no definitive statements can be made at this time. The Academy has informed or will inform participants and partners of any impact on training courses in Germany.

***************************************************************************

Statement from July 2, 2024

Unauthorized access to parts of TÜV Rheinland Akademie GmbH training network

Cologne | 02.07.2024

Cyber attack on individual training content of TÜV Rheinland subsidiary in Germany / TÜV Rheinland corporate network not affected

TÜV Rheinland Akademie GmbH discovered unauthorized access to parts of its training network in Germany in June and has since taken extensive security measures. TÜV Rheinland Akademie GmbH is a training provider under the umbrella of TÜV Rheinland. The training network is a separate network. The affected areas of the training network provide participants in training programs in Germany with access to certain training content, primarily via PCs in training rooms or loaner computers. After the cyber attack was detected, the affected network segment was deactivated. The corporate network of TÜV Rheinland and the rest of TÜV Rheinland’s training network are not affected.

According to the current status of the ongoing investigation, data was also leaked during this attack. At this time, there is no indication that sensitive personal data was affected, but rather training content, room reservation information and possibly access data for training courses – which can no longer be used due to the reinstallation and are therefore unusable. If there is any impact on training courses, we will notify participants and partners.

Experts are conducting a full analysis of the incident and have begun reinstalling the training network servers. All access to this part of the training network has been removed. The Academy will provide immediate information should further findings emerge from the attack.