Miniatur Wunderland Target of IT Attack: Credit Card Data Leaked
The online booking system of Miniatur Wunderland was the target of an IT attack. Investigations are still ongoing.
(Image: Tatiana_Kuzmina/Shutterstock.com)
Cybercriminals were able to penetrate the booking system of Miniatur Wunderland Hamburg. They apparently managed to read information from payment transactions. Investigations are still ongoing.
In response to an inquiry from heise online, a spokesperson for the popular model railway exhibition stated that it had been the target of a cyberattack in which credit card data had been stolen. “Unknown individuals have inserted malicious code into a module of our online ticket booking system. No credit card data stored with us was stolen—we do not store any payment data locally,” Miniatur Wunderland announced. “According to the current status, the data traffic between our server and the payment service provider was manipulated, allowing the malicious code to read data during the payment process.”
The company further stated: “As a precaution, we have informed all visitors who booked tickets during the affected period and immediately reported the incident to the data protection authority. The police and external IT forensic experts are currently investigating how the attack could have occurred and the exact extent of the manipulation.”
Affected Systems Cleaned
Miniatur Wunderland successfully expelled the criminals after detecting the intrusion: “All systems were immediately cleaned after confirmation of the initial suspicion and replaced with completely new systems within 72 hours.” The danger of further data leakage has thus been averted. However, the attackers apparently nested for a longer period. In the email to affected individuals, Miniatur Wunderland writes: “According to the current status, the incident affects orders paid for by credit card in the period from 06/06/2025 to 10/29/2025.”
Videos by heise
Regarding the leaked data, the company informs customers “that the complete credit card data (cardholder, card number, CVV, expiry date) entered for orders in the ticket shop are affected by the incident. Currently, however, we have no indication that further personal data (e.g., address, email) has been leaked. The validity of your tickets is not affected by this.”
The model builders recommend having the credit card blocked immediately and closely monitoring account transactions. Affected individuals should immediately object to any unauthorized charges.
(dmk)
