Cyber Incident Victim: Avril

On the night of December 11-12, 2024, the Quebec-based grocery chain Avril experienced a cyberattack that disrupted store operations across its 13 locations in Montérégie, Estrie, Quebec City, and Greater Montreal. The attack’s immediate effects became apparent during the weekend of December 14-15, when customers encountered significant delays due to a reduced number of operational checkout registers. Employees were forced to manually enter product codes at remaining registers, slowing transaction processing. Serge Gauthier, Avril’s Executive Vice President, confirmed the cyberattack via email on December 12, stating the company had initiated a thorough analysis with cybersecurity experts to assess compromised systems. While stores remained open, the attack caused moderate operational impacts, including the closure of some registers chain-wide. Gauthier emphasized Avril’s priority to restore normal operations promptly but did not specify technical details of the intrusion or identify threat actors.

The cyberattack primarily affected front-end retail systems, though backend e-commerce operations like order preparation and deliveries also risked potential delays. Avril stated it had no evidence of compromised personal data belonging to customers or employees as of December 12. The company acknowledged the incident underscored the necessity of adapting defenses against increasingly sophisticated cyber threats, citing similar attacks on food industry giants Sobeys and Maple Leaf Foods in November 2022. Gauthier confirmed Avril had already implemented enhanced security measures to prevent recurrence but did not disclose specific technical or procedural changes. The disruption highlighted operational vulnerabilities despite maintained store access, with manual workarounds mitigating but not eliminating customer inconvenience during peak shopping days.