A ransomware group known as Hellcat has breached Schneider Electric’s internal project tracking platform, claiming to have accessed over 40GB of compressed data. The attackers demanded $125,000 in baguettes be paid for the safe return of sensitive customer and operational information.
The breach occurred via the company’s Atlassian Jira system and compromised critical data, including projects, issues, and user data. Schneider Electric confirmed the incident, stating its Global Incident Response team is investigating and that products and services remain unaffected.
The attackers threatened to release the compromised information unless their demand is met. The group claimed ownership of a leak site featuring over 400,000 rows of user data. A spokesperson for Schneider Electric declined to comment on specific demands, but assured the company is taking the incident seriously.
Source: https://www.theregister.com/2024/11/05/schneider_electric_cybersecurity_incident