
1.5TB of Schneider Electric data is allegedly stolen by Cactus ransomware.

After breaking into Schneider Electric’s network last month, the Cactus ransomware gang claims to have stolen 1.5TB of data.

As evidence for the threat actor’s claims, 25MB of allegedly stolen material, as well as images of several American citizens’ passports and scans of non-disclosure agreements, were also leaked today on the operation’s leak site.

The ransomware group gained access to the Sustainability Business division of the energy management and automation behemoth on January 17, as BleepingComputer first reported.

The gang is extorting the business, threatening to leak all of the allegedly stolen data if a ransom demand is not met.

Although the specifics of the data theft are currently unknown, Schneider Electric’s Sustainability Business division offers consulting services for renewable energy and regulatory compliance to numerous well-known businesses around the world, including Walmart, Allegiant Travel Company, Clorox, DHL, DuPont, Hilton, Lexmark, and PepsiCo.

Given this, the data stolen from its compromised systems may include sensitive information about customers’ industrial control and automation systems, as well as their compliance with environmental and energy regulations.

Over 150,000 people work for Schneider Electric, a multinational energy and automation manufacturer.

In 2023, the business reported $28.5 billion in revenue. More than 2,700 other organizations were also harmed by Clop ransomware’s MOVEit data theft attacks.

Schneider Electric entry on the Cactus leak site (BleepingComputer)

Cactus ransomware is a relatively new operation that became public in March 2023 with double-extortion attacks.

Its operators use purchased credentials, partnerships with various malware distributors, phishing attacks, or security flaws to access corporate networks.

After gaining access to a target’s network, they steal sensitive data to use as leverage in ransom negotiations.

Over 100 businesses have been added to the Cactus ransomware data leak site since it first appeared. While still negotiating a ransom, the threat actors have either already leaked some data online or are threatening to do so.

 
