Cyber Incident Victim: Défi
Date: Jan 2023
Location: Belgium
Summary
A retail store in Dison experienced a disruptive cyberattack attributed to a Russian hacker, forcing a multi-day closure and operational paralysis. The attacker demanded a €150,000 ransom, while the business reported immediate financial losses exceeding €10,000 due to the shutdown. Technical teams struggled to mitigate the persistent intrusion, prompting public communication to inform customers of the ongoing crisis.
Description
On or around January 16, 2023, the retail business Défi in Dison, Belgium, experienced a disruptive cyber incident that forced a complete operational shutdown lasting at least two days. The attack rendered the store incapable of serving customers, with management publicly apologizing for the closure on January 18 via Facebook. Technical teams worked intensively to counter the attack but described it as exceptionally persistent. A Russian-linked threat actor claimed responsibility for the breach and issued a ransom demand of €150,000 to restore system access. The business reported more than €10,000 in unrecoverable losses directly attributable to the forced closure, with ongoing daily revenue losses compounding the situation.

Défi’s management communicated the incident’s severity through social media on January 18, directing customers to an upcoming Sudinfo La Meuse Verviers article scheduled for 19:30 that evening for additional clarification. The published article confirmed the Russian hacker’s involvement and ransom demand but did not specify whether payment was made or if data exfiltration occurred. No technical details regarding attack vectors, compromised systems, or data exposure were disclosed in available sources. Business operations remained suspended as IT personnel continued containment and recovery efforts, with no public timeline provided for restoration. The incident highlighted immediate revenue loss, reputational impact from public disclosure, and unresolved operational paralysis pending resolution of the cybersecurity breach.
