Schneider Electric has revealed that it has fallen victim to a ransomware attack, leading to data from its sustainability business division being accessed.
The Cactus ransomware group has reportedly claimed responsibility for the attack, purportedly stealing terabytes of corporate data in the process.
Schneider said the incident took place on January 17, 2024, with its incident response team working to respond to and contain the attack. It has informed impacted customers of the breach. Customers of its Sustainability Business enterprise consulting arm include major brands such as Hilton, Pepsico, and Walmart.
A number of division specific systems have been taken offline as a result of the attack, including Resource Advisor. It is not clear what information was accessed in the incident.
In the update on January 29, Schneider said its global incident response team is performing remediation steps to securely restore its systems. The company expects that access to its business platforms will resume in the next two business days.
Schneider has confirmed that no other entity within the Schneider Electric group has been affected, as its sustainability business is an autonomous entity operating in an isolated network infrastructure.
The investigation into the incident is continuing, with Schneider working with cybersecurity firms and “relevant authorities” to gain a detailed analysis.
