A newly emerged ransomware group has demanded an unusual ransom from French multinational Schneider Electric: $125,000 worth of baguettes (a bread of French origin), marking one of the most bizarre extortion attempts in recent cybercrime history.

The demand would require approximately 58,715 French baguettes, though security experts believe the bread-based ransom is likely a publicity stunt. According to BleepingComputer, the group, known as Hellcat, is actually seeking payment in the privacy-focused cryptocurrency Monero.

Schneider Electric, an energy management and industrial automation company, confirmed it is investigating unauthorised access to one of its internal project tracking platforms. “Our Global Incident Response team has been immediately mobilised to respond to the incident,” the company stated, emphasising that its products and services remain unaffected.

The hackers claim to have prevailed 40GB of compressed data, including over 400,000 rows of user information, after breaching the company’s Atlassian Jira system using exposed credentials. BleepingComputer reports that the stolen data contains approximately 75,000 unique email addresses and full names of employees and customers.

Hellcat, previously known as the International Contract Agency before rebranding, has offered to halve the ransom if Schneider Electric publicly acknowledges the breach. The group’s spokesperson, who goes by “Grep,” indicated they are currently testing an encryptor for future attacks.

Last month, Japanese electronics company Casio confirmed that a ransomware attack in October resulted in the theft of customer data, as well as sensitive employee and company information.

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

• Get Realtime updates
• Save your favourite articles

Scan to download App