Ransomware by safepay targeted caritas-koblenz.de in Germany, leveraging the organization’s digital infrastructure to extort resources amid ongoing charitable operations. The threat actor, headquartered in Koblenz, reportedly began impacting victims of charitable services within Germany. #Germany
Incident Details
- Victim: caritas-koblenz.de
- Sector: Healthcare
- Country: DE
- Actor: safepay
- Source: http://safepaypfxntwixwjrlcscft433ggemlhgkkdupi2ynhtcmvdgubmoyd.onion/blog/post/caritas-koblenzde/
- Discovered: 2026-07-06T19:41:48.669263+00:00
- Published: 2026-07-06T19:41:35.051650+00:00
Information
- Headquartered in Koblenz, the association was founded in 1918 and has provided charitable and community-based services for more than a century.

Disclaimer: This post is based on public claims made by the ransomware group "safepay". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.