February 19, 2024 at 02:36PM
The Cactus ransomware gang breached Schneider Electric’s network, claiming to have stolen 1.5TB of data and leaked 25MB as proof on the dark web. They are now extorting the company and threatening to release all the data unless a ransom is paid. Schneider Electric’s Sustainability Business division, which provides renewable energy services, was specifically targeted in the attack.
From the meeting notes, I have gathered the following key takeaways:
1. The Cactus ransomware gang claims to have stolen 1.5TB of data from Schneider Electric’s Sustainability Business division after breaching the company’s network in January.
2. The gang has leaked 25MB of allegedly stolen data on the dark web leak site, including snapshots showing several American citizens’ passports and non-disclosure agreement document scans, as proof of their claims.
3. The stolen data could potentially include sensitive information about customers’ industrial control and automation systems and information about environmental and energy regulations compliance.
4. Schneider Electric is a French energy and automation manufacturing multinational that employs over 150,000 people worldwide and reported a $28.5 billion revenue in 2023.
5. Cactus ransomware is a relatively new operation that uses double-extortion attacks and has breached over 100 companies’ networks since its emergence in March 2023.
Please let me know if there are any additional details or specific actions you would like to take based on these takeaways.