European Tourist Sites - Thousands Affected by Breach

What Happened

In early March 2026, a significant cyberattack targeted the online ticketing platform Vivaticket's French subsidiary, Irec SAS. This breach disrupted online reservations for nearly 3,500 museums, monuments, and cultural sites across Europe, including famous locations like the Louvre, Eiffel Tower, and Notre-Dame de Paris. The attack was claimed by the RansomHouse ransomware operation, which listed Irec on its leak site.

Who's Affected

The breach has impacted a wide range of cultural institutions and tourist attractions across Europe. Visitors attempting to book tickets online faced disruptions, and many organizations are still grappling with the aftermath. The French Ministry of Culture is currently assessing the financial implications for the affected sites.

What Data Was Exposed

The data stolen during the breach includes:

• Full names
• Purchase history
• Reservation details
• Email addresses
• Login timestamps
• Account metadata
• Country of residence

While the attackers claimed to have accessed sensitive information, Vivaticket has confirmed that there is no evidence of credit card or banking details being compromised.

What You Should Do

For individuals and organizations affected by this breach, it’s essential to take the following steps:

• Monitor your accounts for any suspicious activity.
• Change passwords for any accounts associated with the affected ticketing services.
• Stay informed by following updates from Vivaticket and the French National Cyber Security Directorate.

As investigations continue, the focus will be on ensuring the security of customer data and restoring normal operations across the impacted sites.