When staff arriving for work at Stuart Holmes salon in Cheltenham switched on the computers, they knew something was wrong.
Instead of booting up properly, their screens were locked, with a ransom note.
It said that all their files were now encrypted, and the only way to get them back was to pay a ransom.
For owner Sara Holmes it created a logistical nightmare. She employs 50 staff, who see 150 customers a day. Now everything was gone. Client lists, appointments, the works.
Losing their data meant the salon did not know who had appointments nor could it call them because that data was encrypted too.
They contacted the National Fraud Intelligence Bureau which advised them not to pay the ransom.
Action Fraud, which is the online reporting centre for the National Fraud Intelligence Bureau says on its website that ransoms should not be paid.
Sarah has now paid the ransom, almost £1,600 - and says they are starting to get their data back.
But they now need to contact customers who made appointments during the four days that their computers were out of action.
And they are warning other businesses to beware of the scam, and if in doubt to consult a web security expert.
Advice on how to prevent or report cyber crime can be found here.