DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Fr: Ransomware attack on spa is anything but relaxing

Posted on July 16, 2021 by chum1ng0

On July 9, the Royatonic spa in France suffered a ransomware attack.  A notice on their web site informs people that as of July 12, the spa had to close because a cyberattack blocked access to their server and paralyzed all their activity.

Closed due to cyberattack

COMPUTER PROBLEM

Royatonic regrets to close its doors on Monday July 12th. Following a major computer problem (cyber attack) which blocks access to our server and paralyzes all of our activity, we are unable to take reservations, recharge your subscriptions or sell gift vouchers on the site and on site. This technical problem of indefinite duration is beyond our control and we are doing everything we can to remedy it. Follow our news on the site or our social networks.

Thank you for your understanding.
>> Find out more: Follow our news <<

Although they hoped to recover services quickly, as of July 15, the notice of closure is still up.

Francetvinfo obtained a statement from the director of Royatonic (translated):

A Russian hacker cryptolocked our server to us. It blocks our access to it. There is no data theft or hacking but we can no longer access our server. He asks us for a ransom to give us the key. We are lucky because we come across a hacker who plays in the 3rd division and asks us for less than a ransom bitcoin. Bitcoin is less than 28,000 euros. The ransom isn’t huge to make sure people pay.

We are in contact with him and at the same time we are implementing a plan B. The priority is to reopen Royatonic. We are at a standstill.

Despite the obvious stress of the situation, the director displayed a sense of humor. France Bleu reported that Dominique Ferrandon said:

In five days, I added a Russian hacker to my email contact list, I discovered new words like crypto-locked and I also looked at the bitcoin price!

Hopefully, the hacker has a sense of humor, too, and doesn’t take offense at being described as third tier.

On a serious note, Ferrandon noted that customer data was not at risk, and that they hoped to have the spa re-opened within 15 days. The following is a machine translation of her statement to Francetvinfo:

The priority option is reopening. We hope to do it in less than 15 days. We’d lose our client file. Usually, we welcome 300 people in snapshot over two hours. That’s about 1,200 people a day. It is a blow in the sense that it deprives us of activity for a fortnight. We lose turnover, but for 2 years we are used to losing.

Ferrandon added that they do not plan to pay the ransom but do not totally exclude the possibility:

On an ethical level, we would rather refuse to pay the ransom. On a purely logical level, it would also be no. We need to look at what consequences this can have on us in relation to the amount of the ransom.


Reporting by Chum1ng0, editing by Dissent

Category: Breach IncidentsBusiness SectorMalwareNon-U.S.

Post navigation

← Dutch ethical hackers on a mission to fix the internet
D-Box Technologies hit by ransomware that affected most of its systems →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ShinyHunters and team members arrested in France (1)
  • Texas Enacts Liability Shield From Punitive Damages for Certain Small Businesses That Adopt Cybersecurity Programs
  • Dublin ETB fined €125,000 for data protection breaches
  • From $5,000 to $800,000: Days Apart, OCR Security Settlements Show Puzzling Math
  • Liberty Township in Ohio has recovered its network after a ransomware attack
  • Marquette County Medical Care Facility discloses data breach
  • Industry Letter – June 23, 2025: Impact to Financial Sector of Ongoing Global Conflicts
  • MNGI Digestive Health settles class action lawsuit stemming from BlackCat attack
  • Four REvil ransomware members released after time served on carding charges
  • Why Dumping Sensitive Data on Network Shares is a Liability

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How Internet of Things devices affect your privacy – even when they’re not yours
  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.