TAJMAC-ZPS a.s., a prominent Czech manufacturer of multi-axis CNC machine tools and an official exporter to the US, Ukraine, and the Middle East, has allegedly been compromised. Sensitive internal data belonging to the company appeared for sale on a cybercrime forum, with the seller claiming the information was exfiltrated directly from internal FTP/SMB servers without leaving digital traces or backdoors. The leaked dataset, totaling 530 MB, purportedly contains over 220 original files related to critical business operations and future infrastructure planning.
The allegedly compromised data includes:
-
Full 2025–2027 ERP migration project details, including prioritized requirements and target operating models.
-
Complete IT/OT architecture diagrams and data flows (involving SME.UP, Windchill, and Navision).
-
Feasibility studies for OR-SYSTEM Open, outlining specific weaknesses in current systems.
-
Financial documents revealing real cost structures and profit margins on research projects.
-
Organizational charts dated March 2025, including full names of C-level and middle management.
-
Scanned attendance sheets from ERP workshops containing employee signatures.
-
Export paperwork samples (EUR.1, ATA Carnet, CMR) and installation certificates.
-
Production and purchasing BI reports up to September 2025.
