Ransomware Attack Hits Schneider Electric Sustainability Unit – Source: www.databreachtoday.com

Fraud Management & Cybercrime
,
Ransomware

Manufacturer Confirms Systems Down, Data on Energy Consumption, Emission Accessed

Cal Harrison •
January 30, 2024    

Schneider Electric built its business on manufacturing circuit breakers and other electrical parts, but nowadays it also helps clients go green. The company collects data from more than 2,000 companies in its Resource Advisor software to track energy consumption, emissions and their overall sustainability scores.

The company said Tuesday that a ransomware attack has locked up Resource Advisor and other corporate systems of its Schneider Electric Sustainability Business division and accessed data. The company said it plans to resume operations two business days after remediation is complete.

See Also: Live Webinar | Securing the Cloud: Mitigating Vulnerabilities for Government

Russian ransomware group Cactus claimed responsibility for encrypting the company’s systems and stealing terabytes of data, according to a report by Bleeping Computer. Cactus does not appear to list Schneider on its dark web leak page.

“From an impact assessment standpoint, the ongoing investigation shows that data have been accessed,” the company said. “As more information becomes available, the Sustainability Business division of Schneider Electric will continue the dialogue directly with its impacted customers and will continue to provide information and assistance as relevant.”

Paris-based Schneider Electric is a global company providing energy management and digital automation products manufactured at 25 factories. Most of its business is based in North America and last year it reported 34 billion euros in revenues. While Schneider Electric said its sustainability division is separate from the rest of the business, which was unaffected by the breach, sustainability are one of three major lines of products and services.

Cactus ransomware group is relatively new – first observed in March 2023 – but it become a major ransomware-as-a-service operator.

The company did not say how much client data was affected by the incident or whether the group has threatened to extort its clients over their sustainability details, but said its incident response teams and outside cybersecurity specialists are still investigating the incident.

Schneider Electric also helps clients protect operational technologies, offering a range of cybersecurity services including consulting, design and implementation, monitoring, maintenance, training services. The company said on its LinkedIn page that it serves 40% of Fortune 500 companies.

The latest hack affecting the company came less than a year after it was affected by the Clop ransomware group’s mass hack attack on MOVEit servers. The software supply chain hack affected nearly 3,000 organizations and the personal information of more than 77 million Individuals.