Cyber Incident Victim: Maison d'Accueil les Quatre Vents
Date:
May 2025
Location:
Belgium
Summary
Maison d'Accueil les Quatre Vents suffered a cyber attack that destroyed a large portion of its computer data. The organization has temporarily disconnected from external networks to focus on recovery and will be less responsive to requests, advising urgent contact by phone. Administrative staff are working to restore systems and preserve any recoverable information. They have refused to meet the hacker’s ransom demand of approximately 5000 euros and have filed a complaint with the local police, who are expected to arrive soon. The group is seeking affordable network security experts and invites contacts via private message.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 1, 2025, Maison d'Accueil les Quatre Vents announced that it had suffered a cyber‑attack. The attack destroyed a large portion of the organization's computer data. As a result, the ASBL decided to temporarily disconnect from external networks. This disconnection was undertaken to attempt to restore the affected systems. While the connection remains severed, the organization will be less responsive to incoming requests. For urgent matters, the post advised contacting the organization by telephone instead of online channels.
The administrative team is actively working to bring the systems back online and to preserve any data that can still be recovered. The organization stated that it will not pay the ransom demand, which the attacker reportedly set at approximately 5,000 euros. A formal complaint has been lodged with the local police authority. The post indicated that the organization is awaiting the police's arrival to begin their investigation. In addition, the ASBL requested that anyone aware of affordable network‑security specialists share their contact details via private message. No further details about the attack vector, the specific data lost, or the timeline for full restoration were provided in the announcement.