Multinational energy management company Schneider Electric reported a cyberattack, its third incident in 18 months, according to the company. The attackers claimed responsibility for a new ransomware variant and demanded $150,000 in Monero cryptocurrency.
The attackers obtained over 40 gigabytes of data from Schneider Electric’s JIRA platform, including projects, issues, and user data, which could contain sensitive or proprietary information about employees or major projects. No further details on the stolen data were released.
In a statement, Schneider Electric stated that its Global Incident Response team is investigating the incident and that its products and services remain unaffected. The company has previously been targeted by ransomware groups Cactus in January 2023 and Cl0p in June 2022.
The attackers published records they claim to be from the Jordan Ministry of Education and Tanzania’s College of Business Education, but it is unclear if these are genuine or part of a distraction tactic. Schneider Electric’s CEO Olivier Blum took over this week after Peter Herweck was ousted from the role, sparking speculation about potential motives behind the attack.
The incident highlights the growing threat of ransomware attacks on large corporations and the need for robust cybersecurity measures to prevent such incidents.
Source: https://cyberscoop.com/schneider-electric-energy-ransomware-hellcat