Cyber Incident Victim: Boostheat
Date:
Feb 2025
Location:
France
Summary
Boostheat suffered a massive ransomware attack that encrypted data in an extortion attempt. The company refused to pay the ransom, filed a complaint with authorities and engaged a specialized firm to analyze the incident. Thanks to effective backup systems, no critical data was lost and remedial measures were implemented to prevent future attacks. The attack did not affect the company’s key patent family related to hybrid compression technology.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On 26 February 2025 Boostheat disclosed that it had suffered a massive cyberattack involving ransomware that encrypted computer data. The company stated it never intended to pay the ransom and filed a complaint with the relevant authorities. It engaged a specialized consultancy to conduct a thorough analysis of the potential consequences. The attack occurred while the company was preparing to focus on its hybrid compression patent family per its roadmap announced the same day. Boostheat is a French industrial and software company active in energy efficiency, founded in 2011 and listed on Euronext Growth Paris.
Thanks to an effective backup system, Boostheat confirmed that no critical data was lost as a result of the encryption. The company said it had taken the necessary measures to protect against a future attack. It emphasized that the ransomware incident did not affect its most promising patent family related to hybrid compression, which remained central to its valorization plans. The incident was disclosed publicly on 27 March 2025 in a financial communication. No further details about the attackers, specific systems affected, or ransom amount were provided in the source.