Schneider Electric has confirmed that its developer platform was breached after a hacker claimed to steal 40GB of data from the company’s JIRA server. The breach occurred when an attacker used exposed credentials to gain access and scrape over 400,000 rows of user data, including 75,000 unique email addresses and full names for Schneider Electric employees and customers.
The threat actor, known as “Grep,” has demanded $125,000 in exchange for not releasing the stolen data. However, they have rebranded themselves under a new name, Hellcat ransomware gang, and are now extorting Schneider Electric once again.
This incident is the latest breach of Schneider Electric’s systems, following a Cactus ransomware attack on its Sustainability Business division earlier this year. The company has assured that its products and services remain unaffected by the breach. A Global Incident Response team has been mobilized to respond to the incident, and investigations are ongoing.
Source: https://www.bleepingcomputer.com/news/security/schneider-electric-confirms-dev-platform-breach-after-hacker-steals-data