LinkedIn Carousel - #CyberWeekly Week 15

Ransom at the Louvre

RansomHouse hit 3,500 European cultural sites — Louvre, Eiffel Tower, Notre-Dame. Visitor data stolen.

RansomHouse Hits the Louvre & 3,500 European Sites

Platform: AI Writes Your Security Policies

Fountain: Belgian Listed Company Hit by Ransomware

Easy Cyber Protection

1/3

RansomHouse hits the Louvre, Eiffel Tower, and 3,500 European cultural sites via one ticketing vendor

A ransomware attack on Vivaticket's French subsidiary Irec SAS disrupted online reservations at nearly 3,500 museums, monuments, and cultural sites across…

What was stolen: visitor full names, purchase history, reservation details, email addresses, login timestamps, and account metadata. Vivaticket confirmed no credit card or banking data was accessed
How one vendor hit 3,500 institutions: Vivaticket operates a shared ticketing platform across European cultural institutions. Breaching the vendor's subsidiary was enough to expose data from every client. Classic supply chain leverage
Still disrupted: online booking services remained unavailable at some affected sites while Vivaticket, the French national cybersecurity agency ANSSI, and law enforcement assessed the damage

SC Media: full report → https://www.scworld.com/brief/thousands-of-european-tourist-sites-impacted-by-ticketing-platform-breach

2/3

Platform Spotlight: AI writes your security policies — section by section

This week we shipped the biggest AI upgrade to date: the Policy Wizard now generates your security policies section by section using Cloudflare AI, and TARS…

Graph-first generation: start with a configure step — set the policy title and scope criteria. The wizard maps your organisation's entity types and builds each section in sequence with real placeholder fields for names, dates, and specific values
Universal entry point: any new policy or procedure page now shows the AI generator. Whether you are starting from scratch or from a skeleton template, the AI meets you where you are
TARS document assistant — now smarter: TARS runs on Gemma 4 with auto thinking mode and can now surgically edit any wiki section. Describe what you want changed; TARS patches only that passage and leaves the rest untouched

Try the AI Policy Generator → https://easycyberprotection.com/app

3/3

Dragonforce ransomware hits Fountain — a Belgian stock-listed company that serves your office coffee

Fountain, a Belgian publicly-listed company specialising in workplace coffee services, confirmed a ransomware attack involving unauthorised access and data exfiltration.

The attacker: Dragonforce is a Malaysia-based ransomware-as-a-service cartel that emerged in late 2023. It operates as a white-label distributor — any affiliate can use their infrastructure and branding. Over 363 victim organisations listed to date, with growing European reach
What Fountain said: unauthorised access to part of its IT environment, data extracted, investigation ongoing. The company does not expect significant financial impact at this stage and has filed a criminal complaint with Belgian authorities
Why it matters for SMEs: Fountain is not a hospital, a bank, or a government agency — it makes coffee machines. If Dragonforce targets workplace services companies, no sector is off their list. The risk model for your clients cannot assume "we are too small" or "we are too boring to hit"

Hendry Adrian: Fountain ransomware details → https://www.hendryadrian.com/belgian-listed-fountain-hit-by-ransomware-dragonforce-claims-attack-and-data-exfiltration/

Read the full issue

3 stories. Context that matters.
Belgian cybersecurity, weekly.

Scan to read online

https://easycyberprotection.com/cyberweekly/2026/week-15

Follow #CyberWeekly

easycyberprotection.com