Safepay Ransomware Targets German Surveillance Firm Xortec
Category:Threat Alerts / Ransomware
The Safepay ransomware group claimed responsibility for breaching German surveillance provider Xortec, listing the company on its leak site with a ransom deadline of October 27, 2025. The attack highlights supply-chain risks in the physical security industry.
CORTEX Protocol Intelligence Assessment
Business Impact: The breach exposes critical vulnerabilities in the video surveillance supply chain, risking compromise of sensitive infrastructure. Technical Context: SafePay used double extortion tactics targeting firmware and distribution chains.
Strategic Intelligence Guidance
- Isolate affected supply-chain vendors and assess firmware integrity.
- Review third-party vendor access and authentication policies.
- Implement incident response playbooks for supply-chain ransomware.
- Share IoC data with industry ISACs and partners.
Vendors
Threats
Targets
Impact
Data Volume:Unknown
Financial:€7.5M
Intelligence Source: Safepay ransomware group claims the hack of professional video surveillance provider Xortec | Oct 27, 2025