Security News > 2024 > January > Johnson Controls says ransomware attack cost $27 million, data stolen
Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led to a data breach after hackers stole corporate data.
As first reported by BleepingComputer, Johnson Controls suffered a ransomware attack in September after the firm's Asia offices were initially breached, and the attackers spread throughout their network.
The Dark Angels ransomware gang was behind the attack and claimed to have stolen over 27 TB of confidential data from Johnson Controls.
In a quarterly report filed with the U.S. Securities and Exchange Commission yesterday, Johnson Controls confirmed that the cyberattack they suffered on September 23, 2023, was a ransomware attack that resulted in the theft of data.
"The cybersecurity incident consisted of unauthorized access, data exfiltration, and deployment of ransomware by a third party to a portion of the Company's internal IT infrastructure," confirmed Johnson Controls.
Johnson Controls expects this cost to rise in the coming months as they continue to determine what data was stolen and work with external cybersecurity forensics and remediation experts.
News URL
Related news
- Change Healthcare lists the medical data stolen in ransomware attack (source)
- Ratel RAT targets outdated Android phones in ransomware attacks (source)
- Rafel RAT targets outdated Android phones in ransomware attacks (source)
- CDK Global outage caused by BlackSuit ransomware attack (source)
- Chinese Cyberspies Employ Ransomware in Attacks for Diversion (source)
- BlackSuit ransomware gang claims attack on KADOKAWA corporation (source)
- Meet Brain Cipher — The new ransomware behind Indonesia's data center attack (source)
- Patelco shuts down banking systems following ransomware attack (source)
- Dallas County: Data of 200,000 exposed in 2023 ransomware attack (source)
- Rite Aid confirms data breach after June ransomware attack (source)