Skip to content
Supply chainContained

Leak at Chateau royal de Blois / Maison de la Magie

The online ticketing data of visitors to the Château royal de Blois / Maison de la Magie was exposed in the breach of its provider Vivaticket (Tickeasy), leaking names, email and postal addresses, dates of birth, phone and fax numbers and VAT numbers.

Victim
Chateau royal de Blois / Maison de la Magie
SectorOther

On 13 April 2026, the Château royal de Blois / Maison de la Magie — the historic royal castle and adjacent magic museum in Blois, France — was confirmed as one of the cultural sites whose visitor data was exposed in the wider breach of online ticketing provider Vivaticket (operator of the Tickeasy platform used at chateaublois.tickeasy.com).

The incident was not a direct intrusion into the castle's own systems but a supply-chain compromise. In early March 2026, Vivaticket — a ticketing and access-control provider serving more than 3,500 organisations across over 50 countries — was hit by a ransomware attack, later claimed by the RansomHouse extortion group. The attackers gained access to customer databases hosted on the platform, exposing the personal records of visitors who had bought tickets through affiliated venues, the Château de Blois among them.

The exposed data for the venue's ticketing customers included:

  • Surname and first name
  • Email address
  • Date of birth
  • Phone number
  • Fax number
  • Postal address
  • VAT number

No banking or payment-card data is reported to have been involved. Following the provider-side compromise, affected French institutions notified their visitors and the breach was reported to the CNIL under GDPR. The exact number of Blois ticketing records exposed has not been publicly disclosed.

Sources

  1. frenchbreaches.comhttps://frenchbreaches.com/blog/piratage-de-vivaticket-des-millions-dutilisateurs-potentiellement-exposes
  2. usine-digitale.frhttps://www.usine-digitale.fr/cybersecurite/vivaticket-touche-par-une-cyberattaque-les-systemes-de-billetterie-de-3500-organisations-exposes.Q4C5WKTCUNASFH46BXOMEP6UBQ.html
  3. thesiteoueb.nethttps://www.thesiteoueb.net/actualite/amp-article-9447-donnees-piratees-le-louvre-lens-donne-l-alerte-apres-une-cyberattaque-chez-vivaticket.html

Related incidents

Supply chainContained

Leak at La Mine Bleue (via Vivaticket)

On 31 March 2026, French tourist attraction La Mine Bleue notified customers that their personal data — names, postal code/country, email and purchase history — was exposed in the ransomware breach of its ticketing provider Vivaticket; no banking data was affected.

Victim
La Mine Bleue
Supply chainOngoing

Leak at Musée des Arts et Métiers

Disclosed on 18 March 2026, the Musée des Arts et Métiers was caught up in the Vivaticket supply-chain ransomware breach, exposing online shop and ticketing customers' names, email addresses, account details and order history.

Victim
Musée des Arts et Métiers
Supply chainContained

Leak at Bibliothèque Nationale de France

A March 2026 ransomware attack on the Bibliothèque Nationale de France's third-party online ticketing provider exposed the names and email addresses of users who had booked cultural events; banking data, handled by a separate vendor, was not affected.

Victim
Bibliothèque Nationale de France