- The company is currently investigating the attack
- The hacker claims to have stolen 40 GB of compressed data
- Schneider Electric's Jira system was breached
Schneider Electric has confirmed suffering its second cyberattack and data leak in recent months.
Earlier this week, a threat actor alias Greppy added a new post on X, claiming to have breached the corporation:
“Hey Schneider Electric, how was your week? Did someone accidentally steal your data and you noticed, shut down the services and restarted without finding them? Now you shut down again but the criminals seem to have taken more juicy data,” the tweet reads.
Hiding the IP address
This prompted BleepingComputer to reach out to the company with further questions.
"Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms which is hosted within an isolated environment," the firm told the publication. "Our Global Incident Response team has been immediately mobilized to respond to the incident. Schneider Electric's products and services remain unaffected."
Greppy also posted the loot on a dark web site, saying they accessed the company’s Atlassian Jira system.
“This breach has compromised critical data, including projects, issues, and plugins, along with 400,000 rows of user data, totaling more than 40GB compressed data,” the ad reads. “To secure the deletion of this data and prevent its public release, we require a payment of $125,000 USD in Baguettes,” the hackers said.
Obviously, the attacker doesn’t want hundreds of thousands of baguettes - it’s a joke, since Schneider Electric is a French business. Instead, they just want the victim company to acknowledge the breach within 48 hours. Since the company did just that, let’s see if Greppy keeps their word.
Schneider Electric is a multinational corporation specializing in energy management and automation solutions. It builds technologies and services that increase efficiency and sustainability across various sectors, including buildings, data centers, and infrastructure.
Via BleepingComputer
You might also like
- Cactus ransomware hackers say they stole terabytes of Schneider Electric data
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now