Press releases

Miele admits communication glitch

Gütersloh March 29, 2017 Nr. 034/2017

Machines are not a 'gateway for hackers' / Software update already under construction / All customers to be individually informed soon

The Miele company responds to current media publications under such headings as 'Miele dishwashers gateway for hackers' as follows:

It is true that a security vulnerability was discovered in the course of a penetration test on a Miele machine. This security hole was not however discovered on a dishwasher but on a machine to disinfect medical products and laboratory equipment with the model designation PG 8528. Equally so, this machine cannot be misused as a 'gateway for hackers' as it does not have its own connection to the Internet.

It is true, however, that only persons already inside the user's internal network have access to data on the PG 8528. This vulnerability pinpointed during the penetration test results in the increased risk of an unauthorised read-out of data. With this data, hackers could possibly be successful in cracking passwords in order to obtain further access to machine software. There are, though, no indications whatsoever that this has indeed been the case on any of the machines affected. Furthermore, the abuse of machine data would neither facilitate access to third-party data nor to other machines or processes in the user's network. Consequently, the security hole revealed in the course of a penetration test was only designated as being 'moderately serious'.

The software used on the PG 8528 is also deployed on models PG 8527, PG 8535 and PG 8536. Since their introduction in 2007, approximately 5800 of these machines have been sold. Miele intends to contact each user individually without delay to inform them of further details and the next steps in promptly stopping this security hole. A software update is already being programmed and will be able to be uploaded on site within a matter of weeks. All other Miele machines – whether domestic, commercial or for medical institutions and laboratories – already run state-of-the-art software which offers the highest possible degree of security.

The technical aspects in this case are entirely separate from the fact that the Miele company failed to respond to several notifications regarding this issue. Executive Directors view this as a serious shortcoming, the details of which have already been investigated in depth with a view to preventing any repeat occurrence in future. They stress that they would like to thank Jens Regel, the source of this evidence, for his information – and for his perseverance.

Guaranteeing the highest degree of data security has a high priority for Miele as has the reliability and the durability of Miele machines themselves. In this respect, the expectations of clients in Miele are justifiably particularly high – and therefore Miele will strive never to compromise the trust and confidence of its customers. For this reason, a special and highly sophisticated quality assurance process is already an elementary part of the software development process used in creating network solutions at Miele.

(496 words, 3,123 characters incl. spaces)

Company profile: Miele is the world's leading manufacturer of premium domestic appliances including cooking, baking and steam-cooking appliances, refrigeration products, coffee makers, dishwashers and laundry and floor care products. This line-up is augmented by dishwashers, washer-extractors and tumble dryers for commercial use as well as washer-disinfectors and sterilisers for use in medical and laboratory applications (Miele Professional). The Miele company, founded in 1899, has 8 production plants in Germany as well as one plant each in Austria, the Czech Republic, China and Romania. 2015/16 turnover amounted to approx. EUR 3.71 bn with sales outside Germany accounting for around 70 %. Miele is represented with its own sales subsidiaries and via importers in almost 100 countries. The Miele company, now in the fourth generation of family ownership, employs a workforce of around 19,100, 10,800 thereof in Germany. The company headquarters are located in Gütersloh/Westphalia, Germany.

Download as PDF
Your contact

Carsten Prudent
+ 49 5241 89-1951