Schneider Electric Confirms Ransomware Attack Against Sustainability Unit

The provider of power management technologies said the impact of the Jan. 17 ransomware attack was limited to its Sustainability Business systems, including its Resource Advisor service, though data was also accessed in the incident.

Schneider Electric said that a Jan. 17 ransomware attack impacted its Sustainability Business division, with affected systems including its Resource Advisor service.

The attack was first reported by BleepingComputer, which indicated that the attack has been claimed by the Cactus ransomware group.

[Related: 10 Major Cyberattacks And Data Breaches In 2023]

In response to an inquiry from CRN, Schneider Electric pointed to a statement posted online, which said the attack was “limited to [its] Sustainability Business division.” There was “no impact on any other Schneider Electric entity,” the company said in the statement posted Monday.

“As Sustainability Business is an autonomous entity operating its isolated network infrastructure, no other entity within the Schneider Electric group has been affected,” the company said.

Schneider Electric also confirmed that data was accessed in the attack and said it plans to “continue the dialogue directly with its impacted customers.” The company didn’t specify what types of data may have been affected or whether partner data was impacted.

Schneider Electric, a major technology provider in segments including power management and industrial automation, said that it expected that access to impacted systems “will resume in the next two business days.”

Schneider Electric describes its Resource Advisor service as a single location for organizations to access and analyze their data related to energy, sustainability and ESG (environmental, social and governance) initiatives.

In June 2023, Schneider Electric said it was investigating after its name appeared on the darkweb site of the cybercriminal group Clop. The Russian-speaking gang carried out a widespread series of data extortion attacks last year against customers using Progress’ MOVEit file transfer software.