Hackers Target Sensitive Corporate Data 

Uploaded on 2024-11-11 in TECHNOLOGY--Hackers, FREE TO VIEW

The French multinational energy and automation management company Schneider Electric has recently suffered a severe cyber attack, and the hackers claimed to have stolen data from the firm’s corporate server server.The incident involved unauthorised access to sensitive data, including employee and customer information.

Schneider Electric operates in over 100 companies across a number of industries, providing electrification, digitisation, automation, and installation solutions.

A hacking group calling itself @Grepcn  claimed on social media platform X to have successfully breached the company's systems. "Hey @SchneiderElec how was your week? Did someone accidentally steal your data and you noticed, shut down the services and restarted without finding them? Now you shut down again but the criminals seem to have taken more juicy data.."

In another post published on a Dark Web forum, the threat actor claimed they had stolen 40GB of sensitive data from Schneider Electric's internal systems. The hackers have now demanded that France’s Schneider Electric pay a $125,000 ransom in payable baguettes. If the ransom demands aren’t fulfilled, the threat is that sensitive data, including information about company projects, staff, and user data, will be  dumped . 

According to reports the hackers the stolen info includes: “critical data, including projects, issues, and plugins, along with over 400,000 rows of user data,” undertsood to be 40GB. However, the hackers indicated, that should Schneider publicly admit to this latest data breach, the ransom would be cut in half. The incident was first brought to light on 2 November when the HellCat ransomware collective posted to their leak site on the Dark Web claiming to have breached Schneider Electric’s infrastructure.

This  incident is the second attack on Schneider Electric in nine months following a ransomware attack on the firm’s sustainability division by another hacking group going by the name Cactus. They claimed to have stolen around 1.5TB of data, after uploading 25MB of stolen data, including images of US citizens passports and scans of non-disclosure agreements, to its Dark Web leak site to establish the veracity of its claims.

Schneider has said that the attack was limited to its sustainability division and that it had informed potentially at-risk customers of the breach.

@Grepcn   |   ITPro   |   TomsHardware   |    Computing   |    Silicon Angle   |    Bleeping Computer  

Image: @SchneiderElec 

You Might Also Read: 

Are Businesses Adopting A ‘Titanic Mindset’ To Data Recovery?:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Testing APIs Against The OWASP LLM Top 10
Ai-Da - The Robot Artist »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

New Zealand Internet Task Force (NZITF)

New Zealand Internet Task Force (NZITF)

The New Zealand Internet Task Force (NZITF) is a non-profit with the mission of improving the cyber security posture of New Zealand.

S2T

S2T

S2T builds cyber intelligence solutions based on deep expertise in diverse domains such as intelligence, machine learning and AI, big data processing, statistics and linguistics.

Nameshield Group

Nameshield Group

Nameshield is one of most experienced domain name registrars, trademark protection specialists and managers of online reputational risk in the world today.

OpSec Security

OpSec Security

OpSec Online is the only brand protection solution that spans all channels so your brands are protected no matter what digital venue the criminals target.

OwnZap Infosec

OwnZap Infosec

OwnZap Infosec aims to digitally shield the cyberspace by offering services like Penetration Testing and Red Teaming, Infrastructure Security Testing, and Vulnerability Assessments.

KanREN

KanREN

KanREN is a member based consortium offering custom, world-class network services and support for researchers, educators, and public service institutions in the state of Kansas.

Cyrebro

Cyrebro

CYREBRO is your online cybersecurity central command managed SOC that integrates all your security events with strategic monitoring, proactive threat intelligence, and rapid incident response.

GuardDog.ai

GuardDog.ai

guardDog.ai has developed a cloud-based software service with a companion device that work together to simplify network security.

Psybersafe

Psybersafe

Psybersafe is a hands-on, behaviour-changing training system that keeps your people and your business cyber safe.

Mutare

Mutare

For three decades, Mutare has been empowering organizations to re-imagine a better way to connect through our transformative voice security, digital voice and text messaging solutions.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.

Teal Technology Consulting

Teal Technology Consulting

TEAL Technology Consulting is your trusted advisor for all your information security needs.

Sacumen

Sacumen

Sacumen is a niche player in the cybersecurity market, solving critical problems for security product companies.

Sasken Technologies

Sasken Technologies

Sasken’s Cybersecurity Services enables enterprises to develop, maintain, and take digital products to the market with security postures that empower operational excellence.

CHERI Alliance

CHERI Alliance

CHERI Alliance is an industry initiative spearheading the global adoption of the Capability Hardware Enhanced RISC Instructions (CHERI) security technology across the computing industry.