Cactus Ransomware Group Compromises Over 1 TB Data From Schneider Electric

The Cactus ransomware group claims to have stolen 1.5TB of Schneider Electric data, putting the global energy management leader on high alert. According to BleepingComputer, the attackers broke into the company’s network last month, but how they gained access remains unknown.

Details of the Breach

The Cactus ransomware gang, in a bold move, released 25MB of the stolen data on their dark web platform yesterday. This release serves as evidence of the breach and includes snapshots of American citizens’ passports and scans of non-disclosure agreements.

The target of the breach was the Sustainability Business division of Schneider Electric, with the intrusion occurring on January 17th. This division is known for its pivotal role in providing renewable energy solutions and regulatory compliance consulting to some of the world’s most recognized corporations.

Extortion Threats

As with other ransomware attacks, the Cactus ransomware group has now resorted to extorting Schneider Electric, threatening the release of the entire cache of stolen data unless their ransom demands are met.

So, what did they steal exactly? It could be sensitive data on customers’ industrial control and automation systems as well as compliance information related to environmental and energy regulations.

Impact on Schneider Electric

Schneider Electric is grappling with the implications of this breach. With a workforce of over 150,000 and a reported revenue of $28.5 billion in 2023, the breach poses a significant threat to the company’s reputation and operational integrity. 

However, this is not the first time the company has been the target of a cyber attack. It previously fell victim to Clop ransomware’s MOVEit data theft, which affected over 2,700 organizations.

The Cactus Ransomware Operation

Emerging in March 2023, the Cactus Ransomware Group has quickly gained notoriety for its double-extortion tactics. The group employs various methods to infiltrate corporate networks, including the use of purchased credentials, phishing schemes, and the exploitation of security vulnerabilities. 

Once inside, they exfiltrate sensitive data to leverage in ransom negotiations. Since its inception, the group has targeted over 100 companies, with some already suffering data leaks or facing ongoing extortion threats.

Final Word

As companies worldwide navigate the complexities of digital security, incidents like these serve as a stark reminder of the vulnerabilities that exist out there and the need for constant vigilance.

Author: Anas Hasan

Date: February 20, 2024

Anas Hassan is a tech geek and cybersecurity enthusiast. He has vast experience in the digital transformation industry. When Anas isn’t blogging, he watches football games.