Hackers Target Sensitive Corporate Data 

The French multinational energy and automation management company Schneider Electric has recently suffered a severe cyber attack, and the hackers claimed to have stolen data from the firm’s corporate server server.The incident involved unauthorised access to sensitive data, including employee and customer information.

Schneider Electric operates in over 100 companies across a number of industries, providing electrification, digitisation, automation, and installation solutions.

A hacking group calling itself @Grepcn  claimed on social media platform X to have successfully breached the company's systems. "Hey @SchneiderElec how was your week? Did someone accidentally steal your data and you noticed, shut down the services and restarted without finding them? Now you shut down again but the criminals seem to have taken more juicy data.."

In another post published on a Dark Web forum, the threat actor claimed they had stolen 40GB of sensitive data from Schneider Electric's internal systems. The hackers have now demanded that France’s Schneider Electric pay a $125,000 ransom in payable baguettes. If the ransom demands aren’t fulfilled, the threat is that sensitive data, including information about company projects, staff, and user data, will be  dumped . 

According to reports the hackers the stolen info includes: “critical data, including projects, issues, and plugins, along with over 400,000 rows of user data,” undertsood to be 40GB. However, the hackers indicated, that should Schneider publicly admit to this latest data breach, the ransom would be cut in half. The incident was first brought to light on 2 November when the HellCat ransomware collective posted to their leak site on the Dark Web claiming to have breached Schneider Electric’s infrastructure.

This  incident is the second attack on Schneider Electric in nine months following a ransomware attack on the firm’s sustainability division by another hacking group going by the name Cactus. They claimed to have stolen around 1.5TB of data, after uploading 25MB of stolen data, including images of US citizens passports and scans of non-disclosure agreements, to its Dark Web leak site to establish the veracity of its claims.

Schneider has said that the attack was limited to its sustainability division and that it had informed potentially at-risk customers of the breach.

@Grepcn   |   ITPro   |   TomsHardware   |    Computing   |    Silicon Angle   |    Bleeping Computer  

Image: @SchneiderElec 

You Might Also Read: 

Are Businesses Adopting A ‘Titanic Mindset’ To Data Recovery?:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Testing APIs Against The OWASP LLM Top 10
Ai-Da - The Robot Artist »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ATIS Systems

ATIS Systems

ATIS Systems offers first-class complete solutions for legal interception, mediation, data retention, and IT forensics.

British Blockchain Association (BBA)

British Blockchain Association (BBA)

British Blockchain Association (BBA) is a not-for-profit organisation that promotes evidence-based adoption of Blockchain and Distributed Ledger Technologies (DLT) across the public and private sector

Avertro

Avertro

Avertro helps leaders manage the business of cyber. We help explain cybersecurity to executives, forecasting outcomes, right-sizing your spend, and validating your cyber strategy.

cleverDome

cleverDome

cleverDome has created the first community built and proven model that redefines the standards for protecting the most confidential data and information of consumers in the cloud.

Institute for Security and Technology (IST)

Institute for Security and Technology (IST)

The Institute for Security and Technology's goal is to provide the tools and insights needed for companies and governments to outpace emerging global security threats.

1898 & Co

1898 & Co

Keep your critical assets secure with a comprehensive portfolio of services from high-level assessments to fully managed security services designed for operational technology applications.

Spike Reply

Spike Reply

Spike Reply is the company within the Reply Group focusing on cybersecurity and personal data protection.

Open Data Security (ODS)

Open Data Security (ODS)

Open Data Security is a market leader in the information security sector, offering services to companies, governments and individuals, helping them shield from hackers and cyber attacks.

Winbond Electronics

Winbond Electronics

Winbond is a Specialty memory IC company. Product lines include Code Storage Flash Memory, TrustME® Secure Flash, Specialty DRAM and Mobile DRAM.

Air IT

Air IT

Air IT are a responsive, client-focused and award-winning Managed Service Provider, helping clients achieve success and transformation through their IT and communications.

RMC

RMC

RMC was purpose-built for Mission Assurance and ICS/OT cybersecurity, dedicated to strengthening and protecting government and commercial assets.

Heartland Business Systems (HBS)

Heartland Business Systems (HBS)

Heartland Business Systems serves commercial, public sector and small to medium business with results-driven and dedicated information technology services.

B2Bcert

B2Bcert

B2BCERT one of the top companies offering ISO 9001, ISO 14001, ISO 45001, ISO 22000, ISO 27001, ISO 20000,CE Marking, HACCP, and other globally accepted standards and Management solutions.

Nightwing

Nightwing

Nightwing is the intelligence services company that continually redefines the edge of the possible to keep advancing our national security interests.

Softcell Technologies Global

Softcell Technologies Global

Softcell is one of India's leading System Integrators. We serve enterprise customers in the areas of IT Security, Mobility, Optimised IT Infrastructure, Cloud and Engineering Services.

TeamSystem

TeamSystem

TeamSystem is a leading tech company in the market for digital business management solutions for companies and professionals.