Media and political (HU, DE)

Two European political / media targets in the week: Mediaworks Kft (Hungary) — World Leaks claimed 8.5 TB of exfiltrated data including payroll, contracts, and internal editorial communications; Mediaworks confirmed "a significant amount of illegally obtained data may have come into the possession of unauthorized persons"; no public regulator notification announcement at window close (The Record, 2026-05-04 · daily 2026-05-06). Die Linke (Germany) — German federal political party confirmed Qilin ransomware encryption and 1.5 TB exfiltration; state DPA notified; no public ransom figure (heise online — covered in daily, 2026-05-08). Two distinct operators (data-theft-only WorldLeaks versus encrypt-and-exfiltrate Qilin), shared targeting of politically significant European entities. The defender lesson: data-theft-only operators defeat backup-centric ransomware defences entirely — effective detection requires egress monitoring and data-loss-prevention tooling capable of alerting on large-volume exfiltration before the attacker goes public on a leak site.