Schneider Electric reportedly hit with Cactus ransomware attack

Schneider Electric reportedly hit with Cactus ransomware attack

Energy management consultancy giant Schneider Electric has reportedly fell victim to a Cactus ransomware attack, resulting in the theft of corporate data from its Sustainability Business division.

The attack, which occurred on January 17, 2024, disrupted Schneider Electric's Resource Advisor cloud platform, causing ongoing outages, according to tech news site BleepingCompueer.

The attackers are said to have stolen terabytes of corporate data and are now threatening to leak the information if a ransom is not paid. While the specific nature of the stolen data remains unknown, the Sustainability Business division primarily offers consulting services to enterprise organizations, providing guidance on renewable energy solutions and helping navigate complex climate regulatory requirements for companies globally.

Schneider Electric has not disclosed whether it intends to pay the ransom. When asked about the incident, the company confirmed the cyberattack on its Sustainability Business division. The energy giant acknowledged that unauthorized access to data occurred but said that the incident was contained within this specific division and did not impact other parts of the company. The investigation into the incident is ongoing.

Back to the list

Latest Posts

Chinese state-backed hackers using Google Calendar for cyberespionage

Chinese state-backed hackers using Google Calendar for cyberespionage

The attack chain begins with spear-phishing emails containing a ZIP archive hosted on the compromised site.
29 May 2025
Over 9,000 ASUS routers compromised in nation-state-like AyySSHush botnet campaign

Over 9,000 ASUS routers compromised in nation-state-like AyySSHush botnet campaign

The attackers reportedly use a mix of brute-force login attempts, authentication bypasses, and old bugs to gain persistent access.
29 May 2025
DragonForce ransomware breaches MSPs via recently patched SimpleHelp flaws

DragonForce ransomware breaches MSPs via recently patched SimpleHelp flaws

After breaching the MSP, the attackers utilized SimpleHelp to gather intelligence across client environments.
28 May 2025