Cyber Incident Victim: Eureden
Date:
Mar 2022
Location:
France
Summary
A cooperative group's food production facilities, including a charcuterie manufacturing plant, experienced a cyberattack disrupting their IT systems, forcing operations into a degraded mode. The incident reduced production capacity and caused intermittent supply difficulties for certain clients, while some employees were unable to access workstations. Specialized IT teams worked continuously to restore affected servers across multiple business branches. Management emphasized minimizing employment impacts for hundreds of workers and temporary staff, with emergency meetings convened to address operational challenges.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The cyber incident impacting the Eureden group, including its subsidiary Aubret, began on March 17, 2022. Attackers compromised a portion of the cooperative's servers across multiple business branches, disrupting operations at Aubret's charcuterie manufacturing facility in Saint-Mars-la-Jaille. While no complete operational shutdown occurred, the plant transitioned to degraded operational capacity due to disconnected critical applications. This degradation prevented some employees from accessing workstations and forced production reductions. By March 21, specialized IT teams remained onsite working continuously to restore affected servers, indicating sustained system compromise. The attack created supply chain disruptions, with management acknowledging intermittent difficulties fulfilling orders for certain clients.
Eureden's response prioritized server restoration and workforce stability. Patrick Lefranc, Aubret's director, publicly committed to minimizing employment impacts for the site's 680 workers, including approximately 100 temporary staff. The company scheduled an extraordinary meeting of the Social and Economic Committee for March 22 to address workforce concerns stemming from operational limitations. No data theft or ransomware elements were disclosed in available reporting. The cooperative-wide attack scope affected multiple Eureden divisions beyond Aubret, though technical containment measures and forensic findings remained unspecified in public communications. Production constraints persisted at least four days post-incident with no confirmed recovery timeline provided.