Tractor giant AGCO hit by ransomware, halts production and sends home staff

Tractor giant AGCO hit by ransomware, halts production and sends home staff

A ransomware attack which hit agricultural equipment manufacturer AGCO has caused it to shut down some of its manufacturing facilities and send staff home.

The firm acknowledged last week that its systems had been hit by ransomware, and that some of its production facilities had been impacted.

Employees at its plant in Marktoberforf, Germany, were sent home, as we assembly line workers at production lines in Beauvais, France.

Sign up to our free newsletter.
Security news, advice, and tips.

The attack is likely to impact a number of agricultural machinery brands – Challenger, Fendt, Ferguson, Massey, and Valtra – all of which are owned by AGCO, in the run-up to a crucial time of year for crop farmers.

AGCO says it is still investigating the attacks, and has not identified what family of ransomware it has been attacked by, or whether it would be prepared to pay a ransom to its extortionists or not.

The company says that it expects its business operations to be “adversely affected for several days” and that it may take “potentially longer” to full resume all services, depending on how successful it is at fixing its systems.

Hopefully it will not just be exploring how best to recover any encrypted data, but also what it might need to do to prevent cybercriminals from breaching its networks again.

Just last month the FBI issued a warning to agricultural cooperatives, about the danger ransomware gangs might target the food and agriculture sector during critical planting and harvest seasons.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky and Mastodon, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.