The impact of the cyber attack on Duvel Moortgat brewery

Published on:
July 8, 2024
Use case

What kind of cyber attack was the Duvel Moortgat dealing with?


In March 2024, Duvel Moortgat, one of Belgium's best-known breweries, was hit by a hostage software or ransomware attack carried out by the Stormous group.

Soon Duvel Moortgat shut down their servers, this resulted in the shutdown of production at several breweries, both in Belgium and the United States.

The hackers claimed to have stolen 88 gigabytes of data, including sensitive company documents and employee personal information such as passports.

How did the ransomware attack at Duvel Moortgat happen?

The attack was carried out through ransomware, with the hackers gaining access to Duvel Moortgat brewery's IT systems. Although the exact vulnerability that was exploited has not been made public, it is suspected that access may have been gained through a vulnerability in the network of one of their international offices.

Once inside, the hackers encrypted the data and demanded a ransom to release the data again. This type of attack is often amplified by weaknesses in security systems or inadequate detection of suspicious activity.

What were the consequences for Duvel Moortgat?

The impact of the attack was significant. Production in several Belgian breweries, including those of well-known brands such as Duvel, La Chouffe, Liefmans and De Koninck, was halted.

Although there was enough stock to temporarily meet demand, there was a loss of production. In addition, Duvel Moortgat refused to pay the ransom, after which the stolen data was made public, potentially causing further reputational damage.

Although there are no reports of fines related to the GDPR yet, the theft of personal data always poses a risk of penalties under European privacy laws.

How could this have been prevented?

Such attacks can be prevented in many cases by a layered approach to cybersecurity, such as:

  • Regular security audits: Conducting periodic tests of networks and systems can help detect vulnerabilities in a timely manner.
  • Advanced detection systems: The ransomware attack was detected by an automated system, which was good, but proactive detection and prevention systems might have repelled the attack earlier.
  • Backups and recovery plans: Fortunately, Duvel Moortgat was able to recover quickly thanks to good backups, but implementing even more robust backup systems could have potentially reduced downtime further.
  • Staff training: Many cyber attacks start with human error, such as phishing. Regular employee training on cybersecurity can help minimize risk.

Prevent such an attack on your organization in a timely manner?

Then take advantage of our pentesting services and undertake a thorough cybersecurity audit on your business. That way, you can identify the risks in a timely manner and not have to spend millions on remediation like the Duvel Moortgat.

Do you also want to protect your business from such risks? Contact us today and prevent your organization from becoming the next victim.