Ransomware gang demands ransom for Schneider Electric data breach: baguettes

French multinational digital automation and energy company Schneider Electric SE has been hacked and data stolen, but the ransom demanded by those behind the theft is not money. They’re baguettes.

It’s unclear exactly when the breach occurred, but claims that the company had been breached first appeared on X this weekend. according to Beeping computer. Schneider Electric confirmed the breach on Monday and said it was investigating a “cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms, which is hosted in an isolated environment.”

A ransomware gang called Hellcat has claimed responsibility, claiming that they gained access to Schneider Electric’s infrastructure through the Atlassian Corp. Company Jira installation. “This breach compromised critical data, including projects, issues, and plugins, along with more than 400,000 rows of user data, totaling more than 40 GB of compressed data,” the hacking group wrote on its website. dark web leakage site.

Then it gets interesting. “To secure the deletion of this data and prevent its public release, we require a payment of $125,000 USD in baguettes,” the group said, adding: “Failure to comply with this demand will result in the dissemination of the compromised information.”

Notably, however, the number of baguettes Schneider Electric may be interested in has now been reduced, with the group also writing that “claiming this breach will reduce the ransom by 50%, it’s your choice, Olivier.” Olivier refers to Chief Executive Officer Olivier Blum and with Schneider admitting the breach, the ransom owed is now believed to be $62,500 in baguettes.

Since Schneider Electric is unlikely to cough up the money, the deadline for paying for the baguette is November 7, after which Hellcat promises to release the stolen data.

The Hellcat ransomware group first gained attention in October when they targeted high-profile entities such as the Israeli Knesset and the Jordanian Ministry of Education, exfiltrating sensitive data and demanding significant ransoms. The group has so far built a reputation on attacking government agencies and educational organizations, exploiting their access to crucial data to force victims to pay up.

Hellcat operates by infiltrating systems, extracting massive amounts of sensitive information and threatening to release it unless their ransom demands are met. Like many similar groups, they often publicize their breaches on the dark web to put pressure on victims and increase their visibility.

Images: SiliconANGLE/Ideogram, Hellcat