Puy-de-Dôme: Royatonic victim of a cyberattack by a Russian hacker
Puy-de-Dôme: Royatonic victim of a cyberattack by a Russian hacker
Since Friday July 9, the Royatonic thermoludism center, located in Royat, near Clermont-Ferrand, has been the victim of a computer problem. A cyberattack by a Russian hacker prevents his computer server from functioning. The establishment is paralyzed and cannot open its doors.
Posted on 07/15/2021 at 12:15 p.m.
Since July 9, the Royatonic thermoludism center, near Clermont-Ferrand, has been the victim of a cyberattack which paralyzes the activity. Archival image.
Since July 9, the Royatonic thermoludism center, near Clermont-Ferrand, has been the victim of a cyberattack which paralyzes the activity. Archival image. • © GORCE Jean Louis / MAXPPP
Puy de Dome Clermont-Ferrand
" It's a bit of science fiction ": it is in these words that Dominique Ferrandon describes the misadventure that has been happening to Royatonic for a few days. Since Friday July 9, the thermoludism center, located in Royat, near Clermont-Ferrand, has been the victim of a computer problem.
The origin of this problem is now identified. Dominique Ferrandon, director of Royatonic, says: “ A Russian hacker has cryptolocked our server. It is blocking us access. There is no data theft or hacking but we can no longer access our server. He asks us for a ransom to give us the key. We are lucky because we come across a hacker who plays in the 3rd division and asks us for less than a ransom bitcoin. Bitcoin is less than 28,000 euros. The ransom isn't huge to make sure people pay ”.
A ransom demand
He continues: “ We are in contact with him and at the same time, we are implementing a plan B. The priority is to reopen Royatonic. We are paralyzed. This server allows us to encode the input cards, to video-monitor the pools. Without this server we can do nothing. We had a first alert last Thursday, which we put on the account of a computer failure. We didn't pay more attention to it and the IT provider reset the server. The next morning, we had a message on a server screen. The ransom demand came pretty quickly. We told him that we were not a multinational ”.
We are losing turnover, but for 2 years we are used to losing it
For several days, the establishment has been blocked. The director adds: “ The priority option is to reopen. We hope to do so in less than 15 days. We would lose our customer file. Usually, we welcome 300 people in snapshot over two hours. That's about 1,200 people a day. It's a blow in the sense that it deprives us of activity for a fortnight. We are losing turnover, but for 2 years we have been used to losing it ”. Dominique Ferrandon does not plan to pay the ransom but does not completely exclude this hypothesis: “ On an ethical level, we would rather refuse to pay the ransom. From a purely logical point of view, it would also be no. We have to look, in relation to the amount of the ransom, what consequences this can have on us ».
An investigation carried out
An investigation is underway: “ We filed a complaint with the Clermont-Ferrand police station. We are told that cybercriminals are always one step ahead of IT people. The parade always comes after the attack. We are in contact with the Paris cybercrime cell. The police tell us that the hacker does not know who we are, that he launches an attack that walks until he finds a door. He did not attack Royatonic. He doesn't know what we're doing ”. For the moment, the physical and telephone reception of the center is maintained and some of the employees are in partial activity. " You can buy a ticket online at Royatonic. Everything is done on an online site hosted by a service provider. Our customers who have purchased a ticket online or a gift voucher should not be worried. This operation is not done on the server ”wishes to reassure Dominique Ferrandon. If all goes well, the thermoludism center should once again welcome the public at the end of July-beginning of August.
Since Friday July 9, the Royatonic thermoludism center, located in Royat, near Clermont-Ferrand, has been the victim of a computer problem. A cyberattack by a Russian hacker prevents his computer server from functioning. The establishment is paralyzed and cannot open its doors.
Posted on 07/15/2021 at 12:15 p.m.
Since July 9, the Royatonic thermoludism center, near Clermont-Ferrand, has been the victim of a cyberattack which paralyzes the activity. Archival image.
Since July 9, the Royatonic thermoludism center, near Clermont-Ferrand, has been the victim of a cyberattack which paralyzes the activity. Archival image. • © GORCE Jean Louis / MAXPPP
Puy de Dome Clermont-Ferrand
" It's a bit of science fiction ": it is in these words that Dominique Ferrandon describes the misadventure that has been happening to Royatonic for a few days. Since Friday July 9, the thermoludism center, located in Royat, near Clermont-Ferrand, has been the victim of a computer problem.
The origin of this problem is now identified. Dominique Ferrandon, director of Royatonic, says: “ A Russian hacker has cryptolocked our server. It is blocking us access. There is no data theft or hacking but we can no longer access our server. He asks us for a ransom to give us the key. We are lucky because we come across a hacker who plays in the 3rd division and asks us for less than a ransom bitcoin. Bitcoin is less than 28,000 euros. The ransom isn't huge to make sure people pay ”.
A ransom demand
He continues: “ We are in contact with him and at the same time, we are implementing a plan B. The priority is to reopen Royatonic. We are paralyzed. This server allows us to encode the input cards, to video-monitor the pools. Without this server we can do nothing. We had a first alert last Thursday, which we put on the account of a computer failure. We didn't pay more attention to it and the IT provider reset the server. The next morning, we had a message on a server screen. The ransom demand came pretty quickly. We told him that we were not a multinational ”.
We are losing turnover, but for 2 years we are used to losing it
For several days, the establishment has been blocked. The director adds: “ The priority option is to reopen. We hope to do so in less than 15 days. We would lose our customer file. Usually, we welcome 300 people in snapshot over two hours. That's about 1,200 people a day. It's a blow in the sense that it deprives us of activity for a fortnight. We are losing turnover, but for 2 years we have been used to losing it ”. Dominique Ferrandon does not plan to pay the ransom but does not completely exclude this hypothesis: “ On an ethical level, we would rather refuse to pay the ransom. From a purely logical point of view, it would also be no. We have to look, in relation to the amount of the ransom, what consequences this can have on us ».
An investigation carried out
An investigation is underway: “ We filed a complaint with the Clermont-Ferrand police station. We are told that cybercriminals are always one step ahead of IT people. The parade always comes after the attack. We are in contact with the Paris cybercrime cell. The police tell us that the hacker does not know who we are, that he launches an attack that walks until he finds a door. He did not attack Royatonic. He doesn't know what we're doing ”. For the moment, the physical and telephone reception of the center is maintained and some of the employees are in partial activity. " You can buy a ticket online at Royatonic. Everything is done on an online site hosted by a service provider. Our customers who have purchased a ticket online or a gift voucher should not be worried. This operation is not done on the server ”wishes to reassure Dominique Ferrandon. If all goes well, the thermoludism center should once again welcome the public at the end of July-beginning of August.
