Skip to content
RansomwareOngoing

Leak at Arsoé

A ransomware attack disclosed in late December 2024 crippled Arsoé de Soual, the agricultural IT provider hosting livestock-management software for ~30,000 farmers across some 22 French departments; systems were encrypted and a ransom demanded, with no data exfiltration detected.

Victim
Arsoé

On the night of 14-15 December 2024 (publicly reported around 27 December), Arsoé de Soual — an IT and digital-services provider based in the Tarn that hosts livestock-management software and animal-identification data for farmers across south-western France — was hit by a ransomware attack that paralysed its operations for weeks.

The attackers encrypted Arsoé's Windows servers and its backup systems, then made contact through an encrypted messaging channel to demand a ransom. On the advice of law-enforcement authorities, Arsoé did not pay. The organisation's core AS/400 system reportedly remained intact, and no data exfiltration was detected, though full recovery and rebuilding required considerable time.

The outage knocked out the Synel platform and related services used by roughly 30,000 livestock farmers across some 22 departments, blocking everyday and legally mandated tasks — milk recording, herd tracking, birth/entry/exit notifications, identification-card printing and ear-tag ordering. Farmers temporarily reverted to paper declarations while service was restored.

Affected by the disruption:

  • Livestock-management and herd-tracking software (Synel)
  • Animal-identification and notification services (births, entries, exits)
  • Milk recording and growth-monitoring services
  • Identification-card printing and ear-tag ordering

Status: ongoing recovery at the time of reporting; ransom not paid, with no confirmed data leak.

Sources

  1. ladepeche.frhttps://www.ladepeche.fr/2024/12/27/agriculture-larsoe-specialiste-des-services-numeriques-aux-eleveurs-victime-dune-cyberattaque-12413861.php
  2. lafranceagricole.frhttps://www.lafranceagricole.fr/elevage/article/876452/30-000-eleveurs-touches-par-une-cyberattaque
  3. solutions-numeriques.comhttps://www.solutions-numeriques.com/30-000-agriculteurs-victimes-dune-cyberattaque/
  4. france3-regions.franceinfo.frhttps://france3-regions.franceinfo.fr/nouvelle-aquitaine/haute-vienne/limoges/impossible-d-acceder-a-cette-page-cette-cyberattaque-qui-rend-la-vie-impossible-aux-eleveurs-du-sud-ouest-depuis-la-mi-decembre-3085180.html

Related incidents

RansomwareContained

Leak at Atos

On 28 December 2024, the Space Bears ransomware group claimed to have compromised an Atos database; the French IT giant investigated and concluded its own systems were not breached, attributing the leaked Atos-related data to a compromised external third-party infrastructure.

Victim
Atos