Hellcat group publishes 40GB of data stolen from Schneider Electric
The Hellcat hacker group has published confidential data stolen from French energy giant Schneider Electric on its dark web site, including 40 gigabytes of corporate data and email addresses.
In November, a relatively-unknown hacker group, going by the name “Hellcat,” claimed that it infiltrated the internal network of Schneider Electric and accessed the company’s Atlassian Jira systems, a project management tool that helps teams to plan, track, and manage work.
The hacker group, which initially used the moniker “Grep”, said it breached the internal network of Schneider Electric using compromised credentials and stole 400,000 rows of user data that included 75,000 unique names and email addresses for Schneider Electric employees and customers.
Hellcat demanded a ransom of $125,000 and said that if the company decides against paying the ransom, it will make the stolen data public.
Acknowledging the claims of the hacker group, a Schneider Electric spokesperson said in a statement shared with the media, “Schneider Electric is investigating a cybersecurity incident involving unauthorised access to one of our internal project executions tracking platforms which is hosted within an isolated environment.
“Our Global Incident Response team has been immediately mobilised to respond to the incident. Schneider Electric’s products and services remain unaffected,” the spokesperson added.
Recently, the Hellcat group published the stolen data after the company refused to pay the ransom. The hacker group published the entire dataset in a single 40GB file that includes projects, issues, plugins, and over 400,000 rows of user data.
#Hellcat #Ransomware published #SchneiderElectric data on new #TOR Domain as🧲weak!https://t.co/tqIAr9mFLdhttps://t.co/3USGMmxxk2
More info:https://t.co/xfD4tAgcAg@BleepinComputer #infosec #malware #security #threatintel #OSINT #darkweb #data #privacy #dataleak #corporate pic.twitter.com/swknJ5x2ZF
This is the second data security incident Schneider Electric suffered in 2024. In January, the company said it suffered a ransomware attack that affected its Sustainability Business division and impacted Resource Advisor and other division-specific systems.
The Cactus ransomware group claimed responsibility for targeting Schneider Electric. The group said it stole 1.5 terabytes of data from the company’s systems and threatened to release it if the company did not pay a ransom.
Related Articles
Most Viewed
New rules, rising threats: why lean IT teams must rethink cyber-securitySponsored by CORO CYBER SECURITY
Don’t allow AI experiments to become quiet business risksSponsored by alice.io
The Expert View: Reducing cyber-risk across OT and critical infrastructureSponsored by Claroty
The Expert View: Transforming security through risk intelligenceSponsored by Obrela
Winston House, 3rd Floor, Units 306-309, 2-4 Dollis Park, London, N3 1HF
23-29 Hendon Lane, London, N3 1RT
020 8349 4363
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543