Hackers Target Sensitive Corporate Data 

The French multinational energy and automation management company Schneider Electric has recently suffered a severe cyber attack, and the hackers claimed to have stolen data from the firm’s corporate server server.The incident involved unauthorised access to sensitive data, including employee and customer information.

Schneider Electric operates in over 100 companies across a number of industries, providing electrification, digitisation, automation, and installation solutions.

A hacking group calling itself @Grepcn  claimed on social media platform X to have successfully breached the company's systems. "Hey @SchneiderElec how was your week? Did someone accidentally steal your data and you noticed, shut down the services and restarted without finding them? Now you shut down again but the criminals seem to have taken more juicy data.."

In another post published on a Dark Web forum, the threat actor claimed they had stolen 40GB of sensitive data from Schneider Electric's internal systems. The hackers have now demanded that France’s Schneider Electric pay a $125,000 ransom in payable baguettes. If the ransom demands aren’t fulfilled, the threat is that sensitive data, including information about company projects, staff, and user data, will be  dumped . 

According to reports the hackers the stolen info includes: “critical data, including projects, issues, and plugins, along with over 400,000 rows of user data,” undertsood to be 40GB. However, the hackers indicated, that should Schneider publicly admit to this latest data breach, the ransom would be cut in half. The incident was first brought to light on 2 November when the HellCat ransomware collective posted to their leak site on the Dark Web claiming to have breached Schneider Electric’s infrastructure.

This  incident is the second attack on Schneider Electric in nine months following a ransomware attack on the firm’s sustainability division by another hacking group going by the name Cactus. They claimed to have stolen around 1.5TB of data, after uploading 25MB of stolen data, including images of US citizens passports and scans of non-disclosure agreements, to its Dark Web leak site to establish the veracity of its claims.

Schneider has said that the attack was limited to its sustainability division and that it had informed potentially at-risk customers of the breach.

@Grepcn   |   ITPro   |   TomsHardware   |    Computing   |    Silicon Angle   |    Bleeping Computer  

Image: @SchneiderElec 

You Might Also Read: 

Are Businesses Adopting A ‘Titanic Mindset’ To Data Recovery?:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Testing APIs Against The OWASP LLM Top 10
Ai-Da - The Robot Artist »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

aeCERT

aeCERT

aeCERT is the national Computer Emergency Response Team for the United Arab Emirates.

Haltdos

Haltdos

Haltdos is an AI driven website protection service that secures websites against today's cyber threats.

QA

QA

QA is a leading IT training provider in the UK with over 1,500 courses covering all areas of IT including Cyber Security.

Totalsec

Totalsec

Totalsec is a Grupo Salinas company with a team of professionals in cybersecurity and information security providing Security Consulting, Solutions Integration, and Managed Security Services.

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

The mission of the PNP Anti-Cybercrime Group is to implement and enforce pertinent laws on cybercrime and other cyber related crimes and pursue an effective anti-cybercrime campaign.

Altaro Software

Altaro Software

Altaro provide backup solutions that are intuitive, easy to use, well-priced and backed by outstanding 24/7 support as part of the package.

Empiric

Empiric

Empiric is a multi-award winning technology and transformation recruitment agency specialising in data, digital, cloud and security.

Euro-Recycling

Euro-Recycling

Euro-Recycling is a leading UK provider of Secure On-Site Data Media Destruction Services.

Improsec

Improsec

Improsec is a fully independent Cyber Security advisory company - we provide knowledge, experience and both strategic and deep technical expertise to our clients.

Genius Guard

Genius Guard

Genius Guard specializes in DDoS Protection, DDoS Protected Webhosting, HYIP Hosting, Bitcoin Hosting, Cryptocurrency Hosting.

Depth Security

Depth Security

Depth Security assessment services provide organizations with real-world visibility into threats facing their infrastructure and applications.

Porto Research, Technology & Innovation Center (PORTIC)

Porto Research, Technology & Innovation Center (PORTIC)

PORTIC brings together several research centers and groups from P.PORTO in a single space, forming a superstructure dedicated to research, technology transfer, innovation and entrepreneurship.

Saffron Networks

Saffron Networks

Saffron Networks is an ISO-certified company. We assure our clients of reliable solutions, specifically with the Security landscape and Enterprise Networking.

Datapac

Datapac

Datapac is one of Ireland’s largest and most successful ICT solutions and services providers. We have been at the forefront of technology innovation in Ireland for the past three decades.

Nagomi Security

Nagomi Security

Nagomi is changing the way security teams balance risk and defense, empowering customers to focus on what matters now.

Mother Technologies

Mother Technologies

From Datacentre to Desktop, Mother Technologies has been delivering IT Support, Telecoms, Cybersecurity and Connectivity services to businesses across Scotland and beyond since 2002.