Cyber Incident Victim: Mr Bricolage

On September 24, 2020, Mr. Bricolage's headquarters in La Chapelle-Saint-Mesmin, Loiret, experienced a ransomware attack that disrupted core operational systems while sparing its 850 affiliated retail stores. The malware blocked telephone lines, email communications, and office software suites, preventing headquarters staff from performing routine functions. Attackers exploited Windows BitLocker functionality to encrypt data on compromised machines, a deviation from typical ransomware methods. Internal networks hosted at the central office were rendered inaccessible, though store-level operations continued through alternative channels. The company urgently established an isolated emergency IT room without external connectivity to maintain remote management of affiliated stores and preserve business continuity. Mr. Bricolage confirmed the cyberattack occurred the preceding week and mobilized technical teams to restore network access for employees. No evidence emerged suggesting personal data exfiltration or disclosure during forensic examinations.

The attack followed emerging "Big Game Hunting" tactics targeting enterprises capable of paying substantial ransoms, with demands reportedly scaled to the victim's financial capacity. Mr. Bricolage's 2019 revenue of €247.1 million (+2.5% YoY) and workforce of 493 employees made it a strategically selected target. Attackers demanded payment in exchange for decryption keys to unlock encrypted systems. The company filed a criminal complaint to identify perpetrators and determine attack circumstances while notifying France's National Commission on Informatics and Liberty (CNIL) about the breach. France's National Cybersecurity Agency (ANSSI) had documented 104 ransomware incidents in 2020 prior to this attack, reflecting broader targeting of French enterprises. Business impacts were confined to headquarters operations, with no reported service interruptions at retail locations during the incident response period.