The Fasana case demonstrates how a lack of digital resilience can sink an industrial business, even without handling critical data.
The German company Fasana, with over a century of producing napkins for the hospitality sector, collapsed after a ransomware attack that shut down all its systems on May 19th. The incident not only impacted its IT infrastructure but revealed a critical deficiency: the absence of a solid operational continuity strategy and cloud digitalization.
Within less than 24 hours, Fasana’s systems became unusable: computers encrypted, printers printing ransom notes, staff unable to access basic tools. First-day losses exceeded €250,000, and within two weeks, they had accumulated over €2 million. The company, recently acquired by Powerparc, filed for insolvency in June.
Ransomware as a trigger for bankruptcy
The incident was not an isolated or “technical problem” but a structural failure in the organization’s digital resilience. For days, it was impossible to issue invoices, manage orders, or even print delivery notes. Business operations were completely halted, highlighting a high dependency on local systems without cloud backups.
“When you can’t even print a delivery note, you’re out of the game,” said Dirk Wegener, insolvency administrator. The firm is now seeking a buyer, with only eight weeks to avoid definitive closure.
Where did Fasana fail?
From a technological perspective, Fasana’s case highlights several common errors in industrial environments:
- Local infrastructure without segmentation or redundancy.
- Lack of cloud strategy or hybrid backup.
- Absence of automated incident response.
- Unacceptable recovery times (more than 10 days to resume minimal activity).
In contrast, companies with hybrid or cloud-based deployments can keep at least part of their supply chain operational, reducing the direct impact on customers and cash flow.
No group has claimed responsibility for the attack
So far, no known ransomware gang has claimed the attack, but German police sources suggest purely financial motives. The entry vector remains unknown: it’s unclear whether phishing, vulnerability exploitation, or compromised credentials were involved. What is certain is that there was no quick containment capacity, which was enough to trigger disaster.
The role of cloud in industrial resilience
In a context where cyberattacks impact financial, educational, and industrial sectors alike, adopting cloud infrastructures ceases to be a luxury and becomes a strategic obligation.
Hybrid cloud models, Backup as a Service (BaaS), Disaster Recovery as a Service (DRaaS), and Zero Trust solutions can mean the difference between agile recovery or insolvency.
Fasana did not handle sensitive data nor develop critical technology. It manufactured napkins. Yet, it fell victim to its own digital vulnerability. Its case reminds us that any organization relying on its systems — regardless of sector — needs a cloud-first strategy combined with proactive response plans.
Lessons for industry
- Review on-prem infrastructure: Is it segmented and monitored?
- Adopt cloud backup: quick recovery means survival.
- Conduct attack simulations and response drills: training reduces downtime.
- View cloud as business continuity, not just digital transformation.
Today, Fasana’s former digital campus — its website — still shows errors and inaccessible content. It’s a symbolic sign: neglecting digital infrastructure can even make paper burn in the malware storm.
Source: Security news