Global Archives - ICSSTRIVE

Schneider Hit In MOVEit Transfer Zero Day

May 30, 2023

Schneider Electric suffered cyberattack from the Clop ransomware group

“On May 30th, 2023, Schneider Electric became aware of vulnerabilities impacting Progress MOVEit Transfer software.” the company said in a statement. “Subsequently, on June 26th, 2023, Schneider Electric was made aware of a claim mentioning that we have been the victim of a cyberattack relative to MOVEit vulnerabilities,” the company said. “Our cybersecurity team is currently investigating this claim as well.”

No further information was released at this time.

Siemens Energy AG Confirms Ransomware Attack

June 27, 2023

Cl0p ransomware group claimed the cyber attack on Siemens Energy and four other organizations including Schneider Electric and the University of California Los Angeles.

Siemens Energy spokesperson, Claudia Nehring, stated, “Regarding the global data security incident, Siemens Energy is among the targets. Based on the current analysis, no critical data has been compromised and our operations have not been affected. We took immediate action when we learned about the incident.”

Siemens Energy in-house ProductCERT team has not released any statements or updates regarding the alleged cyber attack. The team is responsible for handling all security-related matters pertaining to their products, solutions, and services.

Cl0p listed Siemens Energy on their data leak site. The group has been wreaking havoc on various organizations in recent weeks.

Major Airlines Affected in Massive Supply Chain Attack at Technology Giant SITA.

February 24, 2021

SITA, an airline technology and communication provider that operates passenger processing systems for airlines, was the victim of a cyber-attack involving passenger data. SITA serves 90% of the world’s airlines and disclosed that among the airlines affected were various major airlines including Air India, Finnair, Japan Airlines, Jeju Air, Lufthansa, Malaysia Airlines, Singapore Airlines and Cathay Pacific.

Singapore Airlines reported that 580,000 of its frequent flyer members were compromised in the attack and Air India estimated that personal data relating to 4.5 million of its passengers was stolen.

Entire System of Global Energy Provider ista International Hacked in Two Days

August 1, 2022

ista International GmbH announced a cyber attack on its website. All affected IT systems were initially taken offline, resulting in various functions and services being unavailable. The company’s customer portal and email functionality are switched off. ista asks to refrain from contacting them. “We will inform them immediately via our website when the contact options are available again .. you will temporarily be limited or unable to use certain functions and services.”

ista describes the company: “..we already have 400,000 gateways in use for our customers that link over 25 million connected devices to each other”. Daixin Team states they went through one of those gateways and took control of the entire system in two days.

ista International takes care of about 30 million networked devices in 22 countries in the field of sub-metering.

Global Airline Technology Provider Accelya Hacked by AlphV/Black Cat.

August 23, 2022

Accelya, a technology provider for many of the world’s largest airlines, said it recently dealt with a ransomware attack impacting some of its systems.

Accelya provides services to Delta, British Airways, JetBlue, United, Virgin Atlantic, American Airlines and many more. The company confirmed Tuesday that company data was posted on a ransomware leak site. The AlphV/Black Cat ransomware group published data it allegedly stole from Accelya last Thursday. The group claimed to have stolen emails, worker contracts and more.

Nivea’s parent company, Beiersdorf, Target of NotPetya Attack

June 27, 2017

German skin care company Beiersdorf said it was a “target” of the cyberattack, which affected its IT and telephone systems. The firm’s headquarters in Hamburg, as well as its affiliates around the world, were affected. While Beiersdorf expects sales worth roughly €35 million ($41 million) to be shifted from the second quarter to the third, the company does not expect a material impact on its profits for this year.

Saint-Gobain, a Major European Building Supply Maker Suffers NotPetya Cyberattack

June 27, 2017

French construction giant Saint-Gobain said Thursday, July 13, that it had restored all systems affected by the start of the week after the attack. The company said the attack led to downtime of IT systems and supply chain disruptions and claimed that no personal data had been lost. The NotPetya attack has had a negative impact of €220 million ($258 million) on sales and €65 million ($76 million) on operating income in the first half of 2017. Until the end of the year, total losses are expected to rise to €330 million ($387 million).

FedEx TNT Global Operations Disrupted by NotPetya Attack

June 27, 2017

Operations of FedEx’s TNT Express unit in Europe were disrupted by the attack and the company previously warned that the financial cost of the incident was likely to be significant. While no data breach or data loss occurred as a result of Petya, the company previously warned that it may not be able to recover all of the systems affected by the cyber attack. “Most TNT Express services resumed during the quarter and substantially all TNT Express critical operational systems have been restored. However, TNT Express volume, revenue and profit still remain below previous levels,” the company said.

Accenture Back Up After Ransomware Attack Report

August 11, 2021

Accenture said it has fully restored certain affected systems, after a hacker group attacked the consulting firm using LockBit ransomware and threatened to release the data in several hours.
“Through our security controls and protocols, we identified irregular activity in one of our environments. We immediately contained the matter and isolated the affected servers,” Accenture said in a Wednesday statement. “We fully restored our affected systems from backup, and there was no impact on Accenture’s operations, or on our clients’ systems.”

Supply Chain Attack Guidance Released

July 2, 2021

While the supply-chain ransomware attack Friday leveraging a vulnerability in Kaseya VSA software against multiple managed service providers (MSPs) and their customers remains under investigation, small- to midsize manufacturing companies could feel the impact.

« Older Entries