Hungry hackers have demanded that France’s Schneider Electric pay a $125,000 ransom in baguettes. Bleeping Computer’s report indicates that a hacker group may have stolen 40GB of data from the major French energy management and automation engineering group, after successfully penetrating the firm’s JIRA system.
Hey @SchneiderElec how was your week?Did someone accidentally steal your data and you noticed, shut down the services and restarted without finding them? Now you shut down again but the criminals seem to have taken more juicy data >_<November 3, 2024
Greppy is thought to have (or had) connections with the Hellcat ransomware gang. The above Tweet taunted Schneider about the purported success of a recent cyber attack, and a follow-up post in the thread reveals an example chunk of data. However, fuller details about the purported nature and scale of the data haul, as well as the boulangerie product demands, were published on the dark web.
If the ransom demands aren’t fulfilled, the threat is that sensitive data, including information about company projects, staff, and user data, will be spilled. According to the hacker(s) the stolen info includes: “critical data, including projects, issues, and plugins, along with over 400,000 rows of user data,” which weighs in at 40GB compressed.
However, the hacker(s) indicated, that should Schneider publicly admit to this latest data breach, the ransom would be cut in half. Thus, the ransom demanded would decrease to $62,500 worth of baguettes, we would presume. Even with a 50% deduction, that’s still a lot of dough.
At the time of writing, it is difficult to know exactly whether Schneider has satisfied the ransom admission clause, as it released a statement to Bleeping Computer that doesn’t exactly confirm the scale of the purported breach.
“Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms which is hosted within an isolated environment,” Schneider Electric said to BleepingComputer. The firm also said its Global Incident Response team was on the case straight away, but insisted that “Schneider Electric's products and services remain unaffected.”
Bleeping Computer also talked to Greppy (or Grep), who indicated a new hacking group called ICA had been formed. One which doesn’t extort cash from companies if they admit being breached within 48 hours.