Cactus ransomware claim to steal 1.5TB of Schneider Electric data


The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company’s network last month.

25MB of allegedly stolen were also leaked on the operation’s dark web leak site today as proof of the threat actor’s claims, together with snapshots showing several American citizens’ passports and non-disclosure agreement document scans.

As BleepingComputer first reported, the ransomware group gained access to the energy management and automation giant’s Sustainability Business division on January 17th.

The gang is now extorting the company, threatening to leak all the allegedly stolen data if a ransom demand is not paid.

It is currently unknown what specific data was stolen, but Schneider Electric’s Sustainability Business division provides renewable energy and regulatory compliance consulting services to many high-profile companies worldwide, including Allegiant Travel Company, Clorox, DHL, DuPont, Hilton, Lexmark, PepsiCo, and Walmart.

Read more…