In a recent cyber attack, the Cactus ransomware group claims to have infiltrated Schneider Electric’s Sustainability Business division, stealing a substantial 1.5 terabytes of data. The breach, which occurred on January 17th, has raised concerns as the gang now threatens to expose the stolen information if a ransom is not paid.
The ransomware group has already leaked 25MB of allegedly pilfered data on its dark web leak site, showcasing American citizens’ passports and scans of non-disclosure agreement documents. Schneider Electric, a French multinational specialising in energy management and automation, is being coerced by the hackers to meet their ransom demand to prevent further leaks.
While the specific nature of the stolen data remains unknown, Schneider Electric’s Sustainability Business division provides services related to renewable energy and regulatory compliance for major global companies such as Allegiant Travel Company, Clorox, DHL, DuPont, Hilton, Lexmark, PepsiCo, and Walmart. This implies that the compromised data might include sensitive information about customers’ industrial control and automation systems and details regarding environmental and energy regulations compliance.
Cactus ransomware, a relatively new player in the cybercrime landscape, emerged in March 2023, employing double-extortion attacks. The group gains access to corporate networks through various means, including purchased credentials, partnerships with malware distributors, phishing attacks, or exploiting security vulnerabilities.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.