Schneider Electric says developer platform was breached, company data stolen

Representational image depecting cybersecurity protection
(Image credit: Shutterstock)

  • The company is currently investigating the attack
  • The hacker claims to have stolen 40 GB of compressed data
  • Schneider Electric's Jira system was breached

Schneider Electric has confirmed suffering its second cyberattack and data leak in recent months.

Earlier this week, a threat actor alias Greppy added a new post on X, claiming to have breached the corporation:

“Hey Schneider Electric, how was your week? Did someone accidentally steal your data and you noticed, shut down the services and restarted without finding them? Now you shut down again but the criminals seem to have taken more juicy data,” the tweet reads.

Hiding the IP address

This prompted BleepingComputer to reach out to the company with further questions.

"Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms which is hosted within an isolated environment," the firm told the publication. "Our Global Incident Response team has been immediately mobilized to respond to the incident. Schneider Electric's products and services remain unaffected."

Greppy also posted the loot on a dark web site, saying they accessed the company’s Atlassian Jira system.

“This breach has compromised critical data, including projects, issues, and plugins, along with 400,000 rows of user data, totaling more than 40GB compressed data,” the ad reads. “To secure the deletion of this data and prevent its public release, we require a payment of $125,000 USD in Baguettes,” the hackers said.

Obviously, the attacker doesn’t want hundreds of thousands of baguettes - it’s a joke, since Schneider Electric is a French business. Instead, they just want the victim company to acknowledge the breach within 48 hours. Since the company did just that, let’s see if Greppy keeps their word.

Schneider Electric is a multinational corporation specializing in energy management and automation solutions. It builds technologies and services that increase efficiency and sustainability across various sectors, including buildings, data centers, and infrastructure.

Via BleepingComputer

You might also like

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.