Cyber Incident Victim: Cultura
Date:
Aug 2024
Location:
France
Summary
A cyberattack targeting Octave, a software provider for retail businesses, compromised personal data of approximately 1.5 million customers of its client Cultura. The breach exposed names, contact details, addresses, and order contents but excluded financial information or passwords. Concurrently, the ransomware attack disrupted Octave's systems, causing widespread service outages that paralyzed order processing and online operations for Cultura and other affected retailers. The incident severely impacted Octave's financial stability, leading to its eventual liquidation despite technical recovery efforts, highlighting cascading consequences for dependent businesses.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around August 16, 2024, Octave.biz, a France-based SaaS provider specializing in retail business software, suffered a ransomware attack that encrypted part of its information systems, rendering them inoperable. The attack caused immediate service disruptions for multiple clients, including Cultura, a cultural products retailer, and other companies such as La Boutique du Tracteur, Makassar, Cobra, Agripartner, and Kalico. These clients experienced prolonged website outages and operational paralysis, forcing some to revert to manual processes like paper-based order management. Cultura’s access to Octave’s hosted business tools was interrupted, impacting its order processing capabilities. Octave’s technical teams worked to restore systems, achieving partial recovery within six weeks, but the extended downtime severely affected client operations. The incident attracted public attention when clients like La Boutique du Tracteur disclosed the cyberattack’s impact via social media on August 20, citing indefinite delays in order fulfillment and customer communication.
Cultura confirmed on September 10, 2024, that the attack on Octave—identified as its third-party service provider—resulted in the theft of personal data belonging to 1.5 million customers. Compromised data included full names, phone numbers, email and postal addresses, and order histories, though passwords and financial information remained secure. Concurrently, cybersecurity researcher Damien Bancal linked the incident to a broader ransomware campaign, noting that stolen data from Cultura and another retailer, Boulanger (attacked September 6–7), appeared for sale on hacking forums. Cultura filed a legal complaint following the breach disclosure. The attack’s economic repercussions proved fatal for Octave: despite restoring services, the company faced insolvency by October 2024 due to unpaid debts, entered judicial restructuring in November, and was liquidated on March 19, 2025, resulting in 38 job losses. Client businesses, including Cultura, endured reputational and operational harm, with prolonged service interruptions damaging customer trust and commercial relationships.