January 31, 2024 at 10:00AM
Johnson Controls International confirmed a ransomware attack in September 2023, costing the company $27 million and resulting in a data breach. Dark Angels ransomware gang stole over 27 TB of data and demanded a $51 million ransom. Johnson Controls expects costs to rise as they investigate the stolen data. They are confident that the unauthorized activity has been contained.
From the meeting notes, here are the key takeaways:
– Johnson Controls International suffered a ransomware attack in September 2023, which cost the company $27 million in expenses and led to a data breach after hackers stole corporate data.
– The ransomware gang, Dark Angels, was behind the attack and demanded a $51 million ransom to delete the stolen data and provide a file decryptor.
– The cyberattack resulted in unauthorized access, data exfiltration, and deployment of ransomware by a third party into a portion of the company’s internal IT infrastructure.
– Expenses associated with responding and remediating to the cyberattack amounted to $27,000,000, and the impact on net income for the three months ended December 31, 2023, was approximately $27 million.
– Johnson Controls expects the cost to rise as they continue to determine what data was stolen and work with external cybersecurity forensics and remediation experts.
– However, the company is confident that the unauthorized activity has been fully contained, and its digital products and services, including OpenBlue and Metasys, are all available.
Let me know if there’s anything else you need.