Qilin: Left Party reports Russian ransomware attack

The Left Party was allegedly subjected to a cyberattack: ‘We have indications that it is a ransomware attack by the hacker group ‘Qilin’,’ said Janis Ehling, federal managing director of The Left Party, on Friday morning. The party's infrastructure is affected, which was proactively taken offline on Thursday after anomalies were detected to prevent further spread. The party has filed a criminal complaint due to the incident; it has not yet been definitively clarified which internal data has been compromised. However, the party's member file was not impacted by the incident. The Left Party is ‘in close exchange’ with the responsible security authorities and independent experts, according to party managing director Ehling.

Details unclear

Ehling did not explain why the suspicion falls on the Qilin actors, who are assessed as Russian. According to descriptions from security authorities and analysts, Qilin is considered a particularly active ransomware actor that pursues both purely financial motives and political goals. ‘Collecting and publishing private or personal data serves to intimidate, harass, or publicly discredit those affected,’ says Left Party managing director Ehling. Democratic structures are intended to be weakened by this.

With the Left Party, at least the third party in Germany has thus been impacted by a cyberattack. In May 2024, the CDU was the victim of an exploited perimeter zero-day exploit; the investigation into this has been conducted by the Federal Prosecutor General since December 2025 at the Federal Prosecutor General's Office, who is responsible for, among other things, suspected sabotage and espionage cases of national importance. In early 2023, the SPD was impacted by an attack on its systems, which the federal government later clearly wanted to attribute to Russia.

(mack)