Onleihe, an online library application, severely affected by a cyberattack

Onleihe Online Library Mobile App Cyberattack Germany Third Party Vendor Digital Risk

After a cyberattack targeted their vendor, the library lending app Onleihe announced problems in multiple media formats endorsed on the platform, like audio, video, and e-book files.

Onleihe is an application that enables visitors and users to connect to local libraries and borrow e-magazines and audiobooks. The application is utilised by various universities in Europe and the international Goethe Institute, and in Germany, it accounts for approximately 40% of all eBook usage.


In a statement, Onleihe revealed that the cyber-attack started with a simple system failure, which they did not expect to be an attack from threat actors.


There was a system failure in the app detected at the end of March 2022 that erased encrypted files with copy protection. The company must re-encrypt and reupload the compromised files onto the library to be made available again.

Video and audio files have been impacted to display streaming errors, while e-book files affected by the incident only portray the first chapter or random content samples.

Onleihe has given a complete rundown of the titles reported to be compromised and advises its users to remove and uninstall them from their devices and download them again to mitigate being infected by the current hack.

The user forums on the website are currently unavailable due to a technical problem of unidentified origin. According to the online library app’s security team, their service provider has been the initial vector for cybercriminals to infiltrate their system.

The online service provider of the firm called EKZ also suffered a cyberattack in the middle weeks of April, which made specific systems harder to reach or flat out unreachable.  This outage affected their websites, catalogue data, and ID-Delivery.

EKZ’s announcement elaborated that the library user-related systems of the subsidiaries divibib into online lending and LMSCloud and their e-email applications were far from being affected by the current situation.

The compromised firm has already filed criminal charges with local law enforcement agencies and engaged a third-party cybersecurity team. This move is for the team to aid them with the recovery and restoration and its IT team to evaluate if there is an existing available backup to smoothen the process.

About the author

Leave a Reply