Six Weeks of Inactivity and 37 Years of History Lost: Cyberattack Forces German Textile Firm ZEGO into Bankruptcy
A devastating cyberattack has forced the long-established German textile company ZEGO Textilveredelungszentrum into bankruptcy proceedings after nearly six weeks without production, effectively ending 37 years of operations.
The Bavarian firm, which specialized in the finishing and processing of fabrics for the automotive industry, manufacturers of workwear, and producers of technical textiles, was unable to withstand the financial consequences of the prolonged shutdown.
The attack occurred on 29 March 2026 and brought production to a near-complete halt for almost six weeks. Company leadership explored multiple avenues to offset losses and keep the business afloat, but the extended downtime created an overwhelming financial burden that proved impossible to overcome.
Managing Director Johannes Zenglein described the move to seek creditor protection as one of the most painful decisions in the company’s history, stating that the attack had so severely damaged ZEGO’s financial position that continuing operations without insolvency proceedings was no longer viable.
The company has not disclosed the nature of the attack. It remains unknown whether the perpetrators used ransomware, who was responsible, or whether any customer or employee data was accessed. Management has only confirmed that the production stoppage itself placed the enterprise on the verge of closure.
The initiation of bankruptcy proceedings does not necessarily mean the final liquidation of ZEGO. The company intends to maintain production activities while insolvency administrators search for ways to restructure the business, protect jobs, and retain clients and suppliers.
Cyberattacks have previously disrupted factories and production lines, yet companies rarely acknowledge that operational downtime was the direct cause of their collapse. One of the most prominent examples is the bankruptcy of British logistics provider KNP Logistics, which operated for 158 years until attackers gained access via an employee password, encrypted systems, and left more than 700 people without work. Payment of the ransom failed to save the enterprise.