Security News > 2024 > January > Johnson Controls says ransomware attack cost $27 million, data stolen
Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led to a data breach after hackers stole corporate data.
As first reported by BleepingComputer, Johnson Controls suffered a ransomware attack in September after the firm's Asia offices were initially breached, and the attackers spread throughout their network.
The Dark Angels ransomware gang was behind the attack and claimed to have stolen over 27 TB of confidential data from Johnson Controls.
In a quarterly report filed with the U.S. Securities and Exchange Commission yesterday, Johnson Controls confirmed that the cyberattack they suffered on September 23, 2023, was a ransomware attack that resulted in the theft of data.
"The cybersecurity incident consisted of unauthorized access, data exfiltration, and deployment of ransomware by a third party to a portion of the Company's internal IT infrastructure," confirmed Johnson Controls.
Johnson Controls expects this cost to rise in the coming months as they continue to determine what data was stolen and work with external cybersecurity forensics and remediation experts.
News URL
Related news
- Starbucks, Supermarkets Targeted in Ransomware Attack (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Clop ransomware claims responsibility for Cleo data theft attacks (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Ascension: Health data of 5.6 million stolen in ransomware attack (source)
- Clop ransomware threatens 66 Cleo attack victims with data leak (source)
- French govt contractor Atos denies Space Bears ransomware attack claims (source)
- Casio says data of 8,500 people exposed in October ransomware attack (source)
- Preventing the next ransomware attack with help from AI (source)
- Ransomware on ESXi: The mechanization of virtualized attacks (source)