Overview
- Die Linke disclosed the breach Friday and took parts of its IT network offline to stop the spread.
- The party says indicators point to the Qilin ransomware group, which security researchers describe as a major actor that steals and publishes victim data.
- The membership database appears unaffected, though sensitive internal files and employees' personal details may have been copied for later publication.
- Leaders filed a criminal complaint and are working with security authorities and outside experts to restore the headquarters' systems.
- The case follows attacks on the SPD in 2023 and the CDU in 2024, and federal prosecutors have handled the CDU probe since December 2025.