Cactus Ransomware claims responsibility on Schneider attack

The Cactus ransomware group claims responsibility for stealing 1.5TB of data from the Schneider Electric.

Schneider Electric is a multinational company that specializes in energy management, industrial automation, and digital transformation.

Advertisements

In January, the attack hit the Sustainability Business division of the company on January 17th, and Schneider Electric confirmed the data breach.

The attack impacted the services of Schneider Electric’s Resource Advisor cloud platform, causing outages.and other ther divisions of the company were not impacted by the cyber attack.

Cactus Ransomware has just posted Schneider Electric. https://t.co/ZlVILOuNFr pic.twitter.com/z91nfnGYAQ
— Dominic Alvieri (@AlvieriD) February 19, 2024

Now, the Cactus ransomware gang published 25MB of allegedly stolen data on its Tor leak site. The gang also published several pictures of passports and company documents as proof of the hack.

The Cactus ransomware operation has been active since March 2023, Kroll researchers reported that the ransomware strain is notable for the use of encryption to protect the ransomware binary.