LVM Restores Access to GEO Truck App After Cyberattack

After the cyberattack on June 26, AS "Latvijas valsts meži" (LVM) in cooperation with SIA "Koksnes plūsmas datu centrs" has restored access to the mobile app "GEO Truck", which is necessary for executing transport work assignments. This was confirmed by LVM's IT Infrastructure and Development Director Māris Kuzmins.

Kuzmins noted that almost all internal company information systems are back online, which was a prerequisite for restoring GEO Truck functionality. He emphasized that no data loss was detected in the external system, and work continues on restoring other systems.

LVM states that the attacker did not contact the company and did not demand a ransom. Even if a ransom were requested, the company would not pay. LVM has full backups of all data and no data loss has occurred.

Cybersecurity expert Elvijs Strazdiņš published information on his YouTube channel that the hacker is demanding 0.1% of LVM's total revenue for data decryption. According to LVM's 2025 annual report, revenue was €618.6 million, so the amount is approximately €618,600. Strazdiņš notes that legally this is not extortion because the hacker did not directly contact LVM.

The cybersecurity incident response institution Cert.lv reported that a foreign financially motivated ransomware group claimed responsibility, which has carried out similar attacks against other companies and government institutions. LVM has filed a report with the State Police, and a criminal investigation has been initiated.

On June 26, LVM resumed wood product deliveries to most customers. The company's turnover in 2025 was €604.585 million, with a profit of €206.73 million.