Enable Pasa Leaderboard Ad 728x90
Close this search box.

Supply chain disruption caused by Schneider Electric ransomware attack

Ransomware Attack

Schneider Electric, a global company specialising in digital automation and energy management, recently confirmed a ransomware attack that affected its Sustainability Business division on 17th January.

The attack was launched by the Cactus ransomware gang – according to Bleeping Computer who first reported the breach – and caused outages due to the impact on Schneider Electric’s division-specific systems, including the Resource Advisor cloud platform.

At a recent PASA Connect roundtable event, three of the 13 CPOs in attendance confirmed minor issues related to the incident.

Commenting on the attack in an official media statement, Schneider Electric said the incident was limited to its Sustainability Business division with no impact on any other entity. 

“Schneider Electric Global Incident Response team has been immediately mobilized to respond to the attack, contain the incident, and to reinforce existing security measures. Sustainability Business division has informed impacted customers,” the company said.

“From a recovery standpoint, Sustainability Business has restored its business platforms in a secure environment. After testing, access has reopened on January 31, 2024”.  

Schneider Electric also confirmed that data had been accessed in the attack, while a detailed analysis of the incident continues with leading cybersecurity firms.

Cactus Ransomware, which first appeared in March 2023, reportedly gains access to systems through exploiting VPN vulnerabilities, allowing for unauthorised access plus continuous presence.

Schneider Electric was previously targeted by a ransomware group in June 2023, becoming a victim of the Russian-speaking Clop gang’s MOVEit attacks.

Scroll to Top

Contact Us