Schneider Electrical has confirmed a developer platform was breached after a risk actor claimed to steal 40GB of information from the corporate’s JIRA server.
“Schneider Electrical is investigating a cybersecurity incident involving unauthorized entry to certainly one of our inner challenge execution monitoring platforms which is hosted inside an remoted surroundings,” Schneider Electrical informed BleepingComputer.
“Our World Incident Response group has been instantly mobilized to reply to the incident. Schneider Electrical’s services and products stay unaffected.”
Schneider Electrical is a French multinational firm that manufactures power and automation merchandise starting from family electrical elements present in large field shops to enterprise-level industrial management and constructing automation merchandise.
Over the weekend, a risk actor generally known as “Grep” taunted the corporate on X, indicating that they had breached its programs.
In a dialog with BleepingComputer, Grep mentioned they breached Schneider Electrical’s Jira server utilizing uncovered credentials. As soon as they gained entry, they claimed to make use of a MiniOrange REST API to scrape 400k rows of consumer information, which Grep says consists of 75,000 distinctive electronic mail addresses and full names for Schneider Electrical workers and clients.
In a publish to a darkish web page, the risk actor jokingly calls for $125,000 in “Baguettes” to not leak the information, sharing extra particulars about what was stolen.
“This breach has compromised important information, together with initiatives, points, and plugins, together with over 400,000 rows of consumer information, completely greater than 40GB Compressed Knowledge,” reads the risk actor’s publish.

Supply: BleepingComputer
Grep informed BleepingComputer they just lately fashioned a brand new hacking group, Worldwide Contract Company (ICA), named after Hitman: Codename 47 sport. The risk actor says this group doesn’t extort the businesses they breach.
As a substitute, if an organization doesn’t acknowledge they have been breached inside 48 hours, they may leak any stolen information.
Now that Schneider Electrical has confirmed the breach, we must see if the risk actor will proceed to leak or promote the stolen information.
Earlier this yr, Schneider Electrical’s “Sustainability Enterprise” division was breached in a Cactus ransomware assault, the place the risk actors claimed to have stolen terabytes of information.