Novel hacker group stole 40GB of data from Schneider Electric's Jira platform
French energy giant Schneider Electric has admitted to suffering a data security incident after a threat actor claimed that they infiltrated one of the company’s developer platforms and stole 40 gigabytes of data, including employees’ and customers’ email addresses.
Over the weekend, a relatively unknown hacker group going by the name “Hellcat” claimed that it infiltrated the internal network of Schneider Electric and accessed the company’s “Atlassian Jira systems”, a project management tool that helps teams to plan, track, and manage work.
🚨Cyberattack Alert ‼️
🇫🇷France - Schneider Electric
Hellcat hacking group claims to have breached Schneider Electric.
Allegedly, 40 GB of data, including projects, issues, plugins, and over 400,000 rows of user data, were exfiltrated.
Ransom demand: $125,000. pic.twitter.com/6S9KHQHAEB
Bleeping Computer reported that the hacker group, which initially used the moniker “Grep”, breached the internal network of Schneider Electric using compromised credentials and stole 400,000 rows of user data that included 75,000 unique names and email addresses for Schneider Electric employees and customers.
Hellcat has demanded a ransom of $125,000 and if the company decides against paying the ransom, the group will make the stolen data public.
Acknowledging the claims of the hacker group, a Schneider Electric spokesperson said in a statement shared with the media, “Schneider Electric is investigating a cybersecurity incident involving unauthorised access to one of our internal project execution tracking platforms which is hosted within an isolated environment.
“Our Global Incident Response team has been immediately mobilised to respond to the incident. Schneider Electric’s products and services remain unaffected,” the spokesperson added.
This is the second data security incident Schneider Electric suffered this year. In January, the company said it suffered a ransomware attack that affected its Sustainability Business division and impacted Resource Advisor and other division specific systems.
The Cactus ransomware group claimed responsibility for targeting Schneider Electric. The group said it stole 1.5 terabytes of data from the company’s systems and threatened to release it if the company did not pay a ransom.
Most Viewed
New rules, rising threats: why lean IT teams must rethink cyber-securitySponsored by CORO CYBER SECURITY
Don’t allow AI experiments to become quiet business risksSponsored by alice.io
The Expert View: Reducing cyber-risk across OT and critical infrastructureSponsored by Claroty
The Expert View: Transforming security through risk intelligenceSponsored by Obrela
Winston House, 3rd Floor, Units 306-309, 2-4 Dollis Park, London, N3 1HF
23-29 Hendon Lane, London, N3 1RT
020 8349 4363
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543