In a bizarre twist to the world of cybersecurity, Schneider Electric, a global industrial giant, has been targeted by hackers who demanded a ransom in French baguettes before shifting to a more typical form of cryptocurrency. The hacker group Hellcat, led by a mysterious figure known as “Grep” on Twitter, infiltrated Schneider’s internal systems, stealing sensitive data related to its clients and operations.
A Strange Start to a Familiar Ransom
On November 7, Schneider Electric confirmed that it had been the victim of a cyberattack aimed at its internal project tracking platform. The hackers, identifying as Hellcat, initially made an unusual demand: $125,000 worth of baguettes. Yes, you read that correctly. The hackers requested the ransom in the form of one of France’s most iconic foods.
However, the demand soon evolved into something more typical of ransomware attacks: Monero (XMR), a privacy-focused cryptocurrency, known for its anonymity and difficulty to trace.
A Strategic Play or Just for the Headlines?
According to Huseyin Can Yuceel, a security researcher at Picus, the bizarre nature of the ransom request could be seen as a deliberate marketing tactic. “This unusual demand is likely a strategy to stand out in the increasingly crowded world of ransomware,” said Yuceel. By demanding baguettes, the group may have hoped to attract media attention, and it seems to have worked—at least temporarily.
This breach marks the third cyberattack on Schneider Electric in just under two years. The company had previously suffered attacks in February 2024 and June 2023, when ransomware groups Cactus and CL0P respectively compromised the company’s systems. This most recent attack follows a worrying trend of increasing cybersecurity vulnerabilities in the industrial sector.
Hellcat’s Threat
Hellcat claims to have stolen over 40 GB of sensitive data, including 400,000 lines of user information. The hackers even addressed Schneider Electric’s CEO, Olivier Blum, directly in their ransom note, referencing the company’s impressive €36 billion in annual revenue as justification for their demand. The group’s messaging also highlighted the value of the stolen data, pressuring the company to comply.
Despite the unusual demands, Schneider Electric quickly responded by assuring the public that its “products and services are not affected.” The company clarified that the attack was isolated to an internal project tracking platform and that investigations were underway.
Raising Questions About Cybersecurity
This latest breach raises important questions about the cybersecurity measures in place at Schneider Electric. The company’s repeated vulnerability to cyberattacks—particularly in such a short span of time—has prompted industry observers to ask whether its defense systems are robust enough to protect its sensitive operational data from increasingly sophisticated hacking groups.
While the initial demand for ransom in baguettes provided a touch of comedy, the growing trend of cyberattacks on major companies, especially in the industrial sector, is no laughing matter. The Hellcat group may have been aiming to make a splash with their odd ransom request, but their actions highlight the very real threat to businesses that rely heavily on digital infrastructure and internal systems.
While the idea of demanding ransom in baguettes might seem strange, it underscores the creativity and unpredictability that hackers bring to the table. Schneider Electric’s response and the increased media attention surrounding this attack may have been exactly what Hellcat wanted. As cybercrime becomes ever more sophisticated, this latest breach raises important questions about the future of industrial cybersecurity—and what companies can do to better defend themselves against attacks that increasingly blur the line between the digital and physical worlds.
Leo Frost, the visionary founder and senior content writer at Crypto Quill, brings a wealth of expertise and creativity to the world of cryptocurrency. With a passion for blockchain technology and digital assets, Leo’s insightful articles captivate readers, offering valuable insights into the evolving landscape of crypto. As a seasoned writer and industry pioneer, Leo is committed to delivering engaging content that educates and inspires audiences worldwide.