Schneider Electric confirmed that it is investigating a breach as the
ransomware group Hellcat claims to have stolen more than 40 GB of
compressed data — and demanded the French multinational energy
management company pay $125,000 in baguettes or else see its sensitive
customer and operational information leaked.

And yes, you read that right: payment in baguettes. As in bread.

Schneider Electric declined to answer The Register's specific questions
about the intrusion, including if the attackers really want $125,000 in
baguettes or if they would settle for cryptocurrency.

A spokesperson, however, emailed us the following statement:

A ransomware crew called Hellcat claimed to have gained access to
Schneider Electric's infrastructure via the $40-billion energy
management giant's Atlassian Jira system.

"This breach has compromised critical data, including projects, issues,
and plugins, along with over 400,000 rows of user data, totaling more
than 40GB Compressed Data," the criminals [1]posted on their leak site.

The miscreants also promised to delete the data as long as the French
firm hands over the dough.

"Failure to meet this demand will result in the dissemination of the
compromised information," they threatened. "Stating this breach will
decrease the ransom by 50 percent, its [sic] your choice Olivier…"

"Olivier," we'd assume, is Olivier Blum, who, on Monday, was
[6]announced as Schneider's new CEO. This is the same day that Hellcat
added the multinational to its site of shame, which doesn't make for a
pleasant first week on the job.

Also on Monday, Hellcat [7]leaked data that the group claimed belonged
to Jordan's Ministry of Education and Tanzania's College of Business
Education.

This is Schneider Electric's third breach in less than two years. In
February, Cactus ransomware [8]infected the corporation's
Sustainability Business division. And in June 2023, the French giant
was among the [9]thousands of organizations and millions of individuals
whose data was stolen by the [10]CL0P ransomware crew in the MOVEit
attacks. ®

References

1. https://x.com/grepcn/status/1853450369646354625
2. https://www.theregister.com/2024/11/04/columbus_rhysida_ransomware/
3. https://www.theregister.com/2024/10/29/russian_redline_malware/
4. https://www.theregister.com/2024/10/28/crims_selling_credit_cards_threads/
5. https://www.theregister.com/2024/10/24/ransomware_ripple_effect_hospitals/
6. https://x.com/SchneiderElec/status/1853487404956422580
7. https://x.com/FalconFeedsio/status/1853477812260454861
8. https://www.se.com/ww/en/about-us/newsroom/news/press-releases/sustainability-business-division-of-schneider-electric-responds-to-cybersecurity-incident-65b8035eb11dced626091019
9. https://www.theregister.com/2023/11/20/moveit_victim_77m_medical/
10. https://www.theregister.com/2023/06/15/clop_broke_into_the_doe/