In an unusual twist to cybersecurity incidents, French multinational corporation Schneider Electric faces a peculiar ransom demand following a significant data breach of their internal systems.
The Breach
A hacker group has successfully penetrated Schneider Electric's Jira system, an internal project execution tracking platform. The breach has resulted in the theft of approximately 40GB of compressed data, including sensitive information about company projects, internal issues, plugin data, and approximately 400,000 rows of user data.
The Unusual Ransom Demand
The hackers, led by an individual known as Greppy, have demanded a ransom of $125,000 in baguettes - a playful jab at the company's French origins. While the baguette reference is clearly tongue-in-cheek, the threat behind it is serious. The group has threatened to release the stolen sensitive data publicly if their demands are not met.
The Hacker's Proposition
In an interesting turn of events, the hackers, identifying themselves as part of a new group called ICA, have offered to halve the ransom amount to $62,500 if Schneider Electric publicly acknowledges the breach within 48 hours. This approach represents a departure from traditional ransomware tactics, suggesting a new trend in cyber extortion strategies.
Schneider's Response
Schneider Electric has confirmed the security incident, acknowledging unauthorized access to their internal project execution tracking platform. The company's Global Incident Response team has been mobilized to address the situation. They have emphasized that their core products and services remain unaffected by the breach, though they continue to investigate the full extent of the compromise.
Broader Implications
This incident marks Schneider Electric's second cyberattack and data leak in recent months, raising concerns about the company's cybersecurity posture. The attack specifically targeted their Atlassian Jira system, a crucial platform for project management and issue tracking, highlighting the vulnerability of internal development and tracking tools to cyber threats.