Hackers Target Sensitive Corporate Data 

Uploaded on 2024-11-11 in TECHNOLOGY--Hackers, FREE TO VIEW

The French multinational energy and automation management company Schneider Electric has recently suffered a severe cyber attack, and the hackers claimed to have stolen data from the firm’s corporate server server.The incident involved unauthorised access to sensitive data, including employee and customer information.

Schneider Electric operates in over 100 companies across a number of industries, providing electrification, digitisation, automation, and installation solutions.

A hacking group calling itself @Grepcn  claimed on social media platform X to have successfully breached the company's systems. "Hey @SchneiderElec how was your week? Did someone accidentally steal your data and you noticed, shut down the services and restarted without finding them? Now you shut down again but the criminals seem to have taken more juicy data.."

In another post published on a Dark Web forum, the threat actor claimed they had stolen 40GB of sensitive data from Schneider Electric's internal systems. The hackers have now demanded that France’s Schneider Electric pay a $125,000 ransom in payable baguettes. If the ransom demands aren’t fulfilled, the threat is that sensitive data, including information about company projects, staff, and user data, will be  dumped . 

According to reports the hackers the stolen info includes: “critical data, including projects, issues, and plugins, along with over 400,000 rows of user data,” undertsood to be 40GB. However, the hackers indicated, that should Schneider publicly admit to this latest data breach, the ransom would be cut in half. The incident was first brought to light on 2 November when the HellCat ransomware collective posted to their leak site on the Dark Web claiming to have breached Schneider Electric’s infrastructure.

This  incident is the second attack on Schneider Electric in nine months following a ransomware attack on the firm’s sustainability division by another hacking group going by the name Cactus. They claimed to have stolen around 1.5TB of data, after uploading 25MB of stolen data, including images of US citizens passports and scans of non-disclosure agreements, to its Dark Web leak site to establish the veracity of its claims.

Schneider has said that the attack was limited to its sustainability division and that it had informed potentially at-risk customers of the breach.

@Grepcn   |   ITPro   |   TomsHardware   |    Computing   |    Silicon Angle   |    Bleeping Computer  

Image: @SchneiderElec 

You Might Also Read: 

Are Businesses Adopting A ‘Titanic Mindset’ To Data Recovery?:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Testing APIs Against The OWASP LLM Top 10
Ai-Da - The Robot Artist »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

TZ-CERT

TZ-CERT

TZ-CERT is the National Computer Emergence Response Team of Tanzania.

CISPA Helmholtz Center for Information Security

CISPA Helmholtz Center for Information Security

The CISPA Helmholtz Center for Information Security is a German national Big Science Institution within the Helmholtz Association. Our research encompasses all aspects of Information Security.

French Expert Center Against Cybercrime (CECyF)

French Expert Center Against Cybercrime (CECyF)

CECyF is a centre of excellence for countering cybercrime in France.

Privacy Analytics

Privacy Analytics

Privacy Analytics enables healthcare organizations to unleash the value of sensitive data for secondary purposes without compromising personal health information.

Clym

Clym

Clym is the data privacy platform that helps organisations meet their data protection obligations. Cookies, Consent, Requests, Policies and more are all managed in a secure and adaptive application.

Purple Security

Purple Security

Purple Security arises from the association of specialists in offensive security (ethical hackers, white hats) and experts in insurance, compliance and implementation of industry standards.

TeskaLabs

TeskaLabs

TeskaLabs is a software vendor of cybersecurity and data privacy products.

GroupSense

GroupSense

GroupSense helps governments and enterprises take control of digital risk with cyber reconnaissance, counterintelligence and monitoring for breached credentials.

AdaCore

AdaCore

AdaCore is focused on helping developers build safe, secure and reliable software.

Immunefi

Immunefi

Immunefi provides bug bounty hosting, consultation, and program management services to blockchain and smart contract projects.

TIM Enterprise

TIM Enterprise

TIM Enterprise offers innovative, sustainable and secure 360-degree digital solutions to companies and public administrations.

TrueBees

TrueBees

TrueBees is the first deepfakes detector able to detect AI-generated portraits shared on social media and to prevent their diffusion across the web.

ITRM

ITRM

ITRM are one of the UK’s top managed service providers and offer a range of award-winning IT solutions, from ad-hoc consultancy to cyber security.

DataGuard

DataGuard

DataGuard is a security and compliance software company trusted by organisations across the globe.

StrongDM

StrongDM

StrongDM is the leader in Zero Trust Privileged Access Management (PAM).

Quantum Dice

Quantum Dice

Quantum Dice is an award-winning venture-backed spinout from Oxford University’s world-renowned quantum optics laboratory.