Contract processing and compensation for damages can resume under the liability fund.
Liability Insurer Gradually Restoring Services After Ransomware Attack
A German liability insurer, based in Roßdorf near Darmstadt, has been gradually restoring its digital services following a ransomware attack over the second weekend of July. The insurer, which manages around 2 million active damage and accident policies and has a premium volume exceeding 200 million euros, experienced a significant disruption of over 80% of its digital services, including key customer-facing platforms such as claims, billing, and onboarding systems.
Torsten Wetzel, a board member responsible for customer service and claims settlement at the insurer, confirmed that they can process all relevant business cases based on current data. Employees can now access programs for managing their portfolios, and new applications can be submitted for processing on the insurer's improvised company website, www.diehk.de. Templates are available for new applications, and case handlers can be contacted via email on the website.
Despite the progress made, there is no publicly available detailed update on the full restoration timeline of the intermediary portal and homepage following the ransomware attack in July. The recovery process is complex, phased, and can take weeks to months depending on the severity, with priority given to restoring core functionalities first.
Industry incidents indicate that recovery is typically slow due to ongoing challenges with system recovery, regulatory compliance, and reputation management. For instance, Erie Insurance's mid-2025 cybersecurity incident recovery was described as intentional and phased, with gradual reconnection of key business systems and customer access restoration over several weeks. No clear final timeline was provided.
In light of these factors, while the attacker’s impact was profound and widespread, and operational recovery is underway, there is no confirmed or publicly stated exact timeline or current status update for the intermediary portal and homepage restoration beyond general progress toward phased recovery efforts in the weeks following the July attack. Further official communication from the affected insurer would be required for a precise status update.
Employees of the liability insurer, numbering around 380 nationwide, are working diligently to restore the digital intermediary portal and homepage. As of early August 2025, the insurer is gradually restarting the affected computer systems, ensuring security and service stability before full public-facing platform restoration.
- The cybersecurity technology is crucial in ensuring the security and stability of the digital systems as the German liability insurer, following a ransomware attack, is gradually restarting its affected computer systems.
- Policies for managing the cybersecurity technology are essential in this complex, phased recovery process, with the insurer gradually reconnecting key business systems and restoring the customer-facing homepage and intermediary portal over several weeks, as seen in similar industry incidents.
