- Hackers say that the ransom amount could be halved if the CEO publicly acknowledged the breach.
Schneider Electric, a prominent French multinational corporation specialising in energy management, has garnered attention again due to a significant cybersecurity breach.
The incident, linked to the HellCat ransomware gang, has underscored the vulnerabilities even major corporate entities face in the increasingly perilous landscape of cyber threats.
The attackers claimed to have exfiltrated over 40GB of critical data, including sensitive user information and project details, by exploiting a weakness in Schneider Electric’s Atlassian Jira system.
The breach marks the third notable cyberattack on Schneider Electric within a mere year and a half, following significant incidents attributed to the Cactus ransomware group and the Cl0p group in previous years.
As Schneider Electric stands among the Fortune Global 500, valued at approximately $145 billion, the implications of these repeated attacks are profound.
They not only jeopardise the integrity of sensitive data but also threaten the company’s reputation and stakeholder trust.
Unique tactics
On November 2nd, HellCat publicly threatened the company with a ransom demand of $125,000, intriguingly specified in “baguettes,” a nod to Schneider’s French heritage.
The situation escalated when another cybercriminal, operating under the alias ‘grep,’ taunted the firm on social media, indicating that, despite Schneider’s efforts to secure its systems, the attackers maintained access to vital infrastructures.
The revelation not only raises questions about the efficacy of the company’s cybersecurity measures but also highlights the brazen nature of modern cybercriminals.
Schneider Electric confirmed the breach to medias, asserting that while external attackers had gained access to their internal project execution tracking platform, the company’s core services and product offerings remained unaffected.
Nevertheless, the threat posed by HellCat became more pronounced as the group suggested that the ransom amount could be halved if the CEO publicly acknowledged the breach, further indicating the unique tactics employed by ransomware groups to manipulate corporate responses and draw attention to their threats.