This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Schneider Electric

Summary

Schneider Electric allegedly suffered a second cyber attack in 2024 when the Hellcat ransomware group claimed responsibility for breaching the company's Atlassian Jira system. A threat actor named "greppy" posted sample stolen data to X (formerly Twitter) on November 4, 2024.

Attack Vector

The Hellcat ransomware group breached Schneider Electric's infrastructure, accessing their Atlassian Jira project tracking platform. The attack compromised over 40GB of compressed data including projects, issues, plugins, and over 400,000 rows of user data. The platform was hosted within an isolated environment.

Consumer Impact

The breach exposed email addresses, links to Jira accounts, and Gravatar account information for over 400,000 users. The Hellcat group demanded a ransom payment of US$125,000 in "Baguettes" and offered to reduce the ransom by 50% if Schneider Electric publicly acknowledged the breach, specifically addressing new CEO Olivier Blum. This represents Schneider Electric's second major cyber incident of 2024.

Response

Schneider Electric immediately mobilized its global incident response team following the unauthorized access to their internal project execution tracking platform. The company confirmed the incident involved an isolated environment rather than core operational systems, limiting the potential impact on critical infrastructure operations.

Verification Source: View original statement