Schneider Electric has faced another major cyberattack, with hackers from the Hellcat Group posting 40GB of stolen data on the dark web after the company rejected a ransom demand. data was made public. This is the third major incident in the last 18 months.
In November 2024, the Hellcat hacking group breached Schneider Electric’s Atlassian Zilla system and claimed to have stolen a large amount of data. They demanded $125,000 in ransom. The hackers also offered to reduce their demand by 50% if the CEO of Schneider Electric publicly acknowledged the hack. However, when the company failed to comply, on December 29, Hellcat announced a leak of 40 GB of data on its website. The files contained information about projects, plugins, more than 400,000 user records and other sensitive information. This is the third major attack on Schneider Electric in the past 18 months, with the Cactus group stealing 1.5TB of data in February 2024, and before that Cl0p targeted the company during the MOVEit zero-day campaign.
Schneider Electric is one of the leaders in the field of energy and automation. However, the company is constantly under attack by hackers because of its important role in critical infrastructure. Cyber attacks, especially those involving ransomware, have increased significantly in recent years. The average buyout is $1.3 million, and the financial loss after negotiations is just $353,000.
The Schneider Electric data leak underscores the importance of strengthening cybersecurity in the face of increasing cyberattacks. Companies must implement proactive security measures to avoid financial losses and reputational damage.