Data leak at Vivaticket following a ransomware attack
On 2 March 2026, ticketing platform Vivaticket disclosed a RansomHouse ransomware attack that exfiltrated customer data — names, emails, postal codes and purchase history — affecting users of 3,500 partner venues including the Louvre and the BnF.
- Victim
- Vivaticket
On 2 March 2026, Vivaticket — a ticketing and access-control platform that manages roughly 850 million tickets a year for more than 3,500 cultural and entertainment venues across some 50 countries — informed its customers that it had suffered a ransomware attack and an associated data leak. The intrusion disrupted online booking for high-profile institutions including the Louvre, the Bibliothèque nationale de France (BnF) and the Centre des monuments nationaux.
The RansomHouse group claimed responsibility. According to reporting, the attackers gained their foothold through the infrastructure of Irec SAS, an entity closely associated with the ticketing provider, before exfiltrating confidential customer records. Vivaticket said it found no evidence that banking or credit-card information had been accessed.
The exposed data is reported to include:
- Full names
- Email addresses
- Purchase history and reservation details
- Country of residence and postal codes
- Account metadata and login timestamps
Vivaticket isolated the affected servers, began restoring systems from backups, and engaged France's national cyber-security agency (ANSSI) and law enforcement for a forensic review of the stolen data. Affected venues began notifying their own customers of the potential exposure of personal information. With millions of platform users potentially impacted, the precise number of affected individuals had not been confirmed at the time of disclosure.
Sources
- fuitesinfos.frhttps://fuitesinfos.fr/article/2026-03-10-vivaticket
- cybernews.comhttps://cybernews.com/cybercrime/ransomware-attack-on-vivaticket-disrupts-louvre-and-major-european-museums/
- cpomagazine.comhttps://www.cpomagazine.com/cyber-security/ransomware-attack-on-vivaticket-disrupts-online-bookings-at-european-museums-and-monuments/