The Cactus ransomware group recently claimed responsibility for breaching Schneider Electric's network and stealing 1.5TB of data from its Sustainability Business division. As proof, the gang leaked 25MB of allegedly stolen data, including snapshots of American citizens' passports and non-disclosure agreement scans, on the dark web.

The intrusion occurred on 17 January, and the hackers are now demanding a ransom, threatening to release all the stolen data if their demands are not met. The compromised data may include sensitive information about customers' industrial control systems and compliance with environmental regulations.

Schneider Electric's Sustainability Business division offers renewable energy and regulatory compliance consulting services to major companies worldwide.