The 40 GB of stolen data from Schneider Electric was reportedly published on the dark web, reports cybersecurity specialist media Cybernews on Monday, December 30. The French multinational, specializing in energy management and automation, reportedly refused to pay the ransom demanded, according to the hackers behind the November cyberattack. Result: the 40 GB including, according to the cybercriminals, the company's confidential data "on its projects, problems, plugins and more than 400,000 lines of user data" can be downloaded on the dark web since December 29, according to the perpetrators of the attack - the information has not been confirmed by the French giant.
The data leak took place last November. It was allegedly committed by a ransomware gang called Hellcat: the latter claimed to have penetrated Schneider Electric's infrastructure, stealing 40 GB of data. The French company then confirmed "unauthorized access to one of our internal project execution monitoring platforms". While the multinational had mobilized a "global response team", it did not specify what data was exfiltrated during the operation. According to the cybercriminals, it was "sensitive information on customers and operations" of the company.
$125,000 demanded
On November 7, the HellCat gang first demanded the payment of a strange ransom of $125,000... in the form of a baguette, in reference to Schneider Electric's French nationality. More seriously, he demanded payment in Monero (XMR), a crypto whose exchanges are known to be untraceable, within two days. The ransom payment “will ensure the deletion of this data and prevent its publication,” he claimed.
The threat actor had specified that the ransom amount would be halved if the CEO of the energy and automation giant publicly acknowledged the breach. While there was indeed a statement to this effect from the company, it was not followed by the payment of the ransom – a position increasingly followed by victims of cyberattacks, and always recommended by law enforcement.
Contacted by 01net.com, Schneider Electric told us, after the publication of this article, that it had no further comment to make on this subject.
Editor's note: this article was modified on Tuesday, January 7, after the response received from Schneider Electric.
Source: Cybernews
0 Comments