November 5, 2024 at 03:58PM
Hackers known as “Hellcat” claim to have stolen over 40GB of sensitive data from Schneider Electric, demanding a $125,000 ransom. They breached the company’s Jira system and threatened to release the data if their demands are unmet. Schneider Electric is investigating, acknowledging unauthorized access but not confirming the theft.
### Meeting Takeaways:
1. **Incident Overview**: The threat group “Hellcat” claims to have breached Schneider Electric’s Jira issue tracking system, alleging the theft of sensitive data.
2. **Ransom Demand**: Hellcat is demanding a ransom of $125,000. They have indicated that this amount will be halved if Schneider Electric publicly acknowledges the breach.
3. **Data Compromised**: The hackers claim to have accessed over 40GB of data, including critical project information and over 400,000 rows of user data.
4. **Threat of Public Disclosure**: If Schneider Electric does not comply with their demand, the threat actors intend to make the stolen data public.
5. **Evidence Published**: One of the hackers has shared details on social media about how they infiltrated the Jira system.
6. **Company Response**: Schneider Electric has launched an investigation into the unauthorized access to its internal project execution tracking platform, mobilizing its global incident response team.
7. **Previous Incidents**: This is the third cybersecurity breach Schneider Electric has faced in less than two years, following incidents involving Cactus ransomware and the MOVEit zero-day vulnerability.
8. **Further Actions Required**: Continued monitoring of the situation is essential, along with assessing the potential impact on the company’s operations and reputation.