Earlier, the French electrical giant Schneider Electric was suspected to have been hacked. It was said that it was suspected because Schneider has not admitted to being hacked so far, so it is temporarily impossible to confirm whether the hacker's statement is true or false. Hackers revealed on the social networking site X/Twitter that after invading the JIRA system of a large French energy management and automation engineering group, they successfully obtained 40GB of Schneider-related data contained in it.
This data includes some of Schneider's projects, key business data, work orders and plug-ins used, etc. It also contains 400,000 rows of customer data, and the compressed data size is 40GB.
The JIRA system is an engineering project tracking platform. Schneider uses this system to track the progress of the project and deal with various related issues. Therefore, the hacker did not directly invade Schneider's own internal system.
However, it is true that the data was stolen, and the hackers demanded that Schneider Electric pay a ransom of $125,000, and the ransom was not paid in Bitcoin, but in baguettes.
The hackers also teased that if Schneider Electric was willing to publicly admit the data breach, the ransom could be reduced to $62,500, but Schneider would still have to pay in baguettes.
If Schneider really paid with baguettes, it is unlikely that hackers would be able to accept it. The intentions of this newly established hacker group ICA are somewhat confusing. ICA stated that if the hacked company is notified and admits to being hacked within 48 hours, ICA will not extort ransom from it.
Schneider Electric said in a statement:The company is investigating this cybersecurity incident involving unauthorized access to our internal project execution tracking platform hosted in an isolated environment. The global incident response team is immediately handling this incident, and Schneider Electric's products and services are not affected.