Schneider was able to contain a recent hack and neutralize the threat
French energy giant Schneider Electric was able to offer some helpful reassurance and provide a framework for how to contain a hacking incident after it got hit with a malicious attempt this past month.
Schneider confirmed that the incident was limited to Sustainability Business division and had no impact on any other Schneider Electric entity. The company also confirmed that it was able reopen business platforms within mere hours of the attack, an impressive feat.
Note: the following statement was published on January 29, 2024, and updated on Feb.1st and Feb. 19, 2024. The latest update was issued to inform that certain data from Sustainability Business was obtained by the threat actor.
Â
On January 17th, 2024, a ransomware incident affected Schneider Electric Sustainability Business division. The attack has impacted Resource Advisor and other division specific systems.Â
Schneider Electric Global Incident Response team was immediately mobilized to respond to the attack, contain the incident, and to reinforce existing security measures. The Sustainability Business division has informed impacted customers. "As more information becomes available, the Sustainability Business division of Schneider Electric will continue the dialogue directly with its impacted stakeholders and will continue to provide information and assistance as relevant," Schneider said in a statement.
From a recovery standpoint, Sustainability Business has restored its business platforms in a secure environment. After testing, access has reopened on January 31, 2024.
From a containment standpoint, as Sustainability Business is an autonomous entity operating its isolated network infrastructure, no other entity within the Schneider Electric group has been affected.Â
From an impact assessment standpoint, the on-going investigation shows that data have been obtained by the threat actor.
From a forensic analysis standpoint, the detailed analysis of the incident continues with leading cybersecurity firms and the Schneider Electric Global Incident Response team continuing to take additional actions based on its outcomes, working with relevant authorities.Â
This information is shared as part of Schneider Electric ongoing commitment to Trust and responsible transparency.