French industrial giant Schneider Electric has launched an investigation after hackers claimed to have stolen sensitive data from one of the company’s systems.

The hackers are calling themselves Hellcat and they claim to have breached Schneider’s Jira issue tracking system. 

“This breach has compromised critical data, including projects, issues, and plugins, along with over 400,000 rows of user data, totaling more than 40GB compressed data,” the hackers wrote on their Tor-based leak website.

The cybercriminals are demanding a $125,000 ransom, but noted that the ransom amount will drop by 50% if the vendor confirms the breach. They are threatening to make the stolen data public if their demands are not met.

One of the hackers has published a couple of screenshots on X to demonstrate access to the Jira system and the theft of data.

In a statement, Schneider Electric said it’s investigating a cybersecurity incident involving unauthorized access to one of its “internal project execution tracking platforms”, which the company claims is hosted in an isolated environment.

“Our Global Incident Response team has been immediately mobilized to respond to the incident,” the company told SecurityWeek.

The industrial giant said its products and services are not impacted by the incident.

This is the second cybersecurity incident suffered by Schneider Electric this year. In early 2024, the company’s Sustainability Business division was targeted by the Cactus ransomware group, which claimed to have stolen a significant amount of data. 

Related: Siemens and Rockwell Tackle Industrial Cybersecurity, but Face Customer Hesitation 

Related: Siemens Energy, Schneider Electric Targeted by Ransomware Group in MOVEit Attack

Related: ICS Patch Tuesday: Siemens, Schneider Electric, CISA Issue Advisories