In a very unusual incident, hackers from the Hellcat group invaded the infrastructure of Schneider Electrica giant in the energy management sector, and asked for a ransom worth US$ 125 mil — paid in baguettes. That’s right, baguettes. The group claimed to have gained access to more than 40 GB of compressed data, including critical information about the company’s projects and customers.
The attack was carried out through a flaw in Schneider Electric’s Atlassian Jira system, which allowed criminals to invade the company’s network and collect data from more than 400 thousand user records. According to the Hellcat group, they are willing to delete the compromised data as soon as payment is made — or rather, as soon as the baguettes are delivered.
Also read
New PF operation aims to arrest hackers who sell INSS data
Hacker fakes his death to avoid paying child support
Response from Schneider Electric
Schneider Electric has confirmed that it is investigating the incident and has mobilized its global incident response team to deal with the situation.
According to a company spokesperson, the attack involved unauthorized access to a project execution tracking platform, which was isolated from the rest of the systems. The company stated that its products and services were not affected by the security breach. See the excerpt in full:
“Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms, which is hosted in an isolated environment. Our global incident response team was immediately mobilized to deal with the incident. Schneider Electric products and services are not affected.”
Recurring incidents
This is the third security incident involving Schneider Electric in less than two years. In February, the company’s Sustainability division was the target of a ransomware attack by the Cactus group. Prior to that, in June 2023, Schneider was one of the victims of the massive CL0P ransomware attack during the MOVEit security breach.
Although the ransom demand is peculiar and possibly sarcastic in tone, the situation raises serious concerns about the vulnerability of large companies to cyberattacks. Schneider Electric’s new CEO, Olivier Blum, was appointed the same day the attack was announced, making the start of his tenure a major challenge.
Fonte: The Register
Source: https://www.hardware.com.br/noticias/hackers-baguetes-resgate-schneider.html
