Hackers Target Sensitive Corporate Data
The French multinational energy and automation management company Schneider Electric has recently suffered a severe cyber attack, and the hackers claimed to have stolen data from the firm’s corporate server server.The incident involved unauthorised access to sensitive data, including employee and customer information.
Schneider Electric operates in over 100 companies across a number of industries, providing electrification, digitisation, automation, and installation solutions.
A hacking group calling itself @Grepcn claimed on social media platform X to have successfully breached the company's systems. "Hey @SchneiderElec how was your week? Did someone accidentally steal your data and you noticed, shut down the services and restarted without finding them? Now you shut down again but the criminals seem to have taken more juicy data.."
In another post published on a Dark Web forum, the threat actor claimed they had stolen 40GB of sensitive data from Schneider Electric's internal systems. The hackers have now demanded that France’s Schneider Electric pay a $125,000 ransom in payable baguettes. If the ransom demands aren’t fulfilled, the threat is that sensitive data, including information about company projects, staff, and user data, will be dumped .
According to reports the hackers the stolen info includes: “critical data, including projects, issues, and plugins, along with over 400,000 rows of user data,” undertsood to be 40GB. However, the hackers indicated, that should Schneider publicly admit to this latest data breach, the ransom would be cut in half. The incident was first brought to light on 2 November when the HellCat ransomware collective posted to their leak site on the Dark Web claiming to have breached Schneider Electric’s infrastructure.
This incident is the second attack on Schneider Electric in nine months following a ransomware attack on the firm’s sustainability division by another hacking group going by the name Cactus. They claimed to have stolen around 1.5TB of data, after uploading 25MB of stolen data, including images of US citizens passports and scans of non-disclosure agreements, to its Dark Web leak site to establish the veracity of its claims.
Schneider has said that the attack was limited to its sustainability division and that it had informed potentially at-risk customers of the breach.
@Grepcn | ITPro | TomsHardware | Computing | Silicon Angle | Bleeping Computer
Image: @SchneiderElec
You Might Also Read:
Are Businesses Adopting A ‘Titanic Mindset’ To Data Recovery?:
If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquiries: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible