News Heading - 1

Schneider Electric’s Sustainability Business Suffers Ransomware Attack

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

French energy management and industrial automation giant Schneider Electric, in a public announcement, revealed a ransomware attack on its Sustainability Business division.

The company said the incident disrupted operations of some division specific systems, including Resource Advisor, its cloud-based sustainability and energy management platform.

The attack which took place on January 17, 2024 is claimed by the Cactus ransomware group, and it is believed to have resulted in significant amounts of corporate data theft as well. However, on its TOR site, the gang is yet to add Schneider to its list of victims.

Although details of the stolen data are yet to be shared, Schneider has notified the impacted customers of the incident. Known to provide consulting services to enterprises like PepsiCo, Walmart, DuPont, and Hilton, the Sustainability division helps organizations with their energy efficiency projects and energy procurement.

‘’The on-going investigation shows that data have been accessed. As more information becomes available, the Sustainability Business division [..] will continue the dialogue directly with its impacted customers and [..] provide information and assistance as relevant,’’ Schneider stated .

Immediately after discovery, the company deployed containment measures to ‘’contain the incident and reinforce existing security measures.’’

In the January 29th notification, the company reassured its various stakeholders that no other division within the Schneider Electric group was affected, as the Sustainability Business, an autonomous entity, operates its own isolated network infrastructure.

To analyze the impact of the security incident, the company continues to work with relevant authorities and has also availed services of leading cybersecurity firms.

Previously, Schneider Electric was targeted by the Cl0p ransomware group. The company was one of the many victims of the widespread MOVEit attack, which is said to have impacted approximately 2,611 organizations worldwide.

Active since March 2023, Cactus ransomware is known to adopt the double-extortion technique and has added numerous enterprises to its list of victims.

News Heading - 2

23andMe Security Breach Results in Theft of Raw Genotype Data, Health Reports

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Popular US-based genetic testing service provider, 23andMe notified customers that hackers may have stolen their sensitive information, including certain genotype data and health reports.

The security breach was first noticed after some of the stolen data was published on the popular hacking site, BreachForums and the unofficial 23andMe subreddit site, in October last year .

Following which an internal investigation was launched, which revealed that between April to September 2023, hackers had used credential stuffing attacks to access registered users’ data.

In a notification letter sent to the Office of California’s Attorney General , 23andMe stated, ‘’threat actor accessed those accounts where the usernames and passwords that were used on 23andMe.com were the same as those used on other websites that were previously compromised or otherwise available.’’

Its investigation revealed that attackers were able to access raw genotype data and certain health reports like, health-predisposition reports, wellness reports, and carrier status reports. In addition to these, it’s suspected that hackers may have also accessed a user’s self-reported health condition information and other personal information.

Furthermore, customers availing its DNA Relatives feature may have had their DNA Relatives and Family Tree profile information stolen. The attack also allowed the threat actors to gain access to the following information (if shared via the DNA Relatives feature):

  • Ancestry reports and matching DNA segments (specifically where on your chromosomes you and your relative had matching DNA)
  • Self-reported location (city/zip code)
  • Ancestor birth locations and family names, a weblink to user created family tree, profile picture and birth year
  • Other information included in the profile’s “Introduce yourself” section

After the discovery, 23andMe customers were required to reset their passwords using multi-factor authentication. Both new and existing users were also required to use two-step verification, while accessing their user account.

This incident also led multiple victims to file a class action lawsuit against 23andMe.