November 5, 2024 at 04:56PM
Schneider Electric is investigating a breach by the ransomware group Hellcat, which claims to have stolen over 40 GB of data and demands $125,000 in baguettes. The breach affects critical data and user information accessed through the company’s Atlassian Jira system. This marks Schneider’s third breach in two years.
**Meeting Takeaways: Schneider Electric Ransomware Breach**
1. **Breach Confirmation**: Schneider Electric is currently investigating a ransomware attack from the group Hellcat, which claims to have stolen over 40 GB of compressed data.
2. **Ransom Demand**: Hellcat has demanded payment of $125,000 in baguettes, a humorous but serious demand reflecting the unusual nature of the ransom request.
3. **Data Compromised**: The breach includes critical project-related data, issues, plugins, and over 400,000 rows of user data.
4. **Method of Access**: Hellcat claims to have accessed Schneider Electric’s infrastructure through the company’s Atlassian Jira system.
5. **Threats Made**: The attackers have threatened to release the compromised information if their demands are not met, while stating that acknowledging the breach could result in a 50% reduction in the ransom amount.
6. **Leadership Context**: Olivier Blum has recently been announced as Schneider Electric’s new CEO, making this ransomware incident a challenging situation for him in his first week.
7. **Previous Breaches**: This marks Schneider Electric’s third significant breach in less than two years, following incidents involving Cactus ransomware and the CL0P ransomware crew.
8. **Data Leaked by Hellcat**: On the same day as the Schneider incident, Hellcat also leaked data belonging to Jordan’s Ministry of Education and Tanzania’s College of Business Education.
**Action Items**:
– Further investigation into the breach and communication with cybersecurity teams is crucial.
– Consider potential responses and strategies for dealing with the ransom demand.
– Monitor the situation for updates and prepare for potential public relations fallout.