The RA Group Strikes Fauconnier with Ransomware
Incident Date:
April 11, 2024
Overview
Title
The RA Group Strikes Fauconnier with Ransomware
Victim
Fauconnier
Attacker
Ra Group
Location
First Reported
April 11, 2024
Ransomware Attack on Fauconnier
Company Profile
FAUCONNIER is a French company founded in 1829 specializing in blending and bottling spirits. It operates from a 60,000 m² site with a 3.5 million bottle warehouse capacity and 4 production lines. With a daily capacity of 130,000 bottles, it produces 25 million bottles annually. The company holds IFS and BRC certifications and is located in Marconne, France, with 51-200 employees. It competes with 50 other companies in the spirits industry.
Attack and Vulnerabilities
In the ransomware attack on Fauconnier by the RA group, 270 GB of sensitive data was exfiltrated. This data includes financial documents, sales materials, production documents, and legal documents, posing serious implications for Fauconnier's operations and security.
Fauconnier, being a prominent player in the manufacturing and distribution of spirits, may have been targeted by the RA group due to the sensitive nature of their operations and the valuable data they possess. The company's extensive international reach and high volume of exports could make them an attractive target for ransomware attacks, as threat actors seek to exploit vulnerabilities in their systems to exfiltrate data and demand ransom.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.