CyberSecurityBoard
Sponsor Register Login

Johnson Controls starts notifying people affected by 2023 breach

"Based on our investigation, we determined that an unauthorized actor accessed certain Johnson Controls systems from February 1, 2023 to September 30, 2023 and took information from those systems," the company says in data breach notification letters filed with California's Attorney General, redacted to conceal what information was stolen in the attack. While the firm didn't attribute the incident to a specific ransomware operation, the attack was linked to the Dark Angels ransomware group based on a sample of a VMware ESXi encryptor deployed during the breach, which stated that it was used against Johnson Controls. As BleepingComputer first reported, Johnson Controls was hit by a ransomware attack in September 2023, following a breach of the company's Asian offices in February 2023 and subsequent lateral movement through its network. Building automation giant Johnson Controls is notifying individuals whose data was stolen in a massive ransomware attack that impacted the company's operations worldwide in September 2023. ​BleepingComputer was also told that the ransom note linked to a negotiation chat where the ransomware gang demanded $51 million for a decryptor and to delete data stolen from Johnson Controls' network. Dark Angels, the ransomware operation behind Johnson Controls' 2023 breach, surfaced in May 2022 when it began targeting organizations worldwide in double-extortion attacks. Johnson Controls confirmed in a January 2024 SEC filing that the cyberattack was orchestrated by a ransomware gang that also stole documents from compromised systems during the breach. However, cybersecurity researcher MalwareHunterTeam told BleepingComputer that the Linux encryptor used in the Johnson Controls attack was the same as others used by Ragnar Locker ransomware since 2021. The cyberattack forced Johnson Controls to shut down large portions of its IT infrastructure after the threat actors encrypted many devices, which affected its operations worldwide and customer-facing systems. The ransomware operators also encrypted the company's VMware ESXi virtual machines during the attack and claimed to have stolen over 27 TB of documents containing corporate data.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 01 Jul 2025 11:50:14 +0000


Cyber News related to Johnson Controls starts notifying people affected by 2023 breach

Johnson Controls starts notifying people affected by 2023 breach - "Based on our investigation, we determined that an unauthorized actor accessed certain Johnson Controls systems from February 1, 2023 to September 30, 2023 and took information from those systems," the company says in data breach notification letters ...
1 month ago Bleepingcomputer.com Ragnar Locker
Thousands of Young People Told Us Why the Kids Online Safety Act Will Be Harmful to Minors - How young people feel about the Kids Online Safety Act matters. These comments show that thoughtful young people are deeply concerned about the proposed law's fallout, and that many who would be affected think it will harm them, not help them. In ...
1 year ago Eff.org
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
1 year ago Securityboulevard.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
1 year ago Securityzap.com
Cybersecurity Standards vs Procedures vs Controls vs Policies - Four interrelated terms used in cybersecurity are Policies, Procedures, Standards, Guidelines, and Controls. Policies are at the top, Standards and Guidelines add detail to policies, Controls are the measured outcome of standards in use, and ...
1 year ago Securityboulevard.com
How to Set Up Internet Parental Controls - Setting up internet parental controls is a great way to reduce the risk of your child viewing inappropriate content on the web. Parental controls are available on most major internet-enabled devices. Parental controls can prevent and filter a variety ...
1 year ago Pandasecurity.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
1 year ago Bleepingcomputer.com
20 Best Inventory Management Tools in 2025 - inFlow Inventory is a comprehensive inventory management tool designed for small to medium-sized businesses, offering features like real-time stock tracking, order management, and barcode scanning to streamline operations. The tool provides advanced ...
1 week ago Cybersecuritynews.com
FTC orders Blackbaud to boost security after massive data breach - Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. Blackbaud is a U.S.-based ...
1 year ago Bleepingcomputer.com
Akumin Files Notice of Data Breach with the Securities and Exchange Commission - On October 16, 2023, Akumin Inc. filed a notice of data breach with the Securities and Exchange Commission after discovering that it had been the recent victim of a ransomware attack. In this notice, Akumin explains that the incident resulted in an ...
1 year ago Jdsupra.com
An In-Depth Guide to the 11 New ISO 27001 Controls - An effective defense against these threats requires a consistent and comprehensive security posture like the one outlined in the ISO 27001 standard. As daunting as these threats seem, up to 80% can be stopped by adopting security controls. The last ...
1 year ago Securityboulevard.com
Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
1 year ago Securityboulevard.com
Collection agency FBCS ups data breach tally to 3.2 million people - Debt collection agency Financial Business and Consumer Solutions now says over 3.2 million people have been impacted by a data breach that occurred in February. FBCS is a nationally licensed debt collection agency in the U.S., specializing in ...
1 year ago Bleepingcomputer.com
Infosys McCamish Systems data breach impacted over 6M people - MUST READ. Infosys McCamish Systems data breach impacted over 6 million people. Keytronic confirms data breach after ransomware attack. City of Cleveland still working to fully restore systems impacted by a cyber attack. ABN Amro discloses data ...
1 year ago Securityaffairs.com CVE-2023-20198 Cactus Ransomhub
Texas Retina Associates Notifies Nearly 300k People of Recent Data Breach - On June 26, 2024, Texas Retina Associates filed a notice of data breach with the Attorney General of Texas after discovering that confidential information that had been entrusted to the company was subject to unauthorized access. In this notice, ...
1 year ago Jdsupra.com
Pharmacy provider Truepill data breach hits 2.3 million customers - Postmeds, doing business as 'Truepill,' is sending notifications of a data breach informing recipients that threat actors accessed their sensitive personal information. Truepill is a B2B-focused pharmacy platform that uses APIs for order fulfillment ...
1 year ago Bleepingcomputer.com
Delta Dental says data breach exposed info of 7 million people - Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people ...
1 year ago Bleepingcomputer.com CVE-2023-34362
Delta Dental of California data breach exposed info of 7 million people - Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider ...
1 year ago Bleepingcomputer.com CVE-2023-34362
Cardiovascular Consultants Confirms Data Breach in SEC Filing - On December 6, 2023, Cardiovascular Consultants Ltd. filed a notice with the Securities and Exchange Commission disclosing a recent cyberattack and subsequent data breach. In this notice, Cardiovascular Consultants explains that the incident resulted ...
1 year ago Jdsupra.com
Dakota Eye Institute Files Notice of Data Breach Affecting More Than 107k Individuals - On October 23, 2023, the Dakota Eye Institute filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that patients' personal information was compromised following a cyberattack. ...
1 year ago Jdsupra.com
Comcast Xfinity Reports Data Breach Exposing Info About 35M Customers - PRESS RELEASE. MARLTON, N.J., Dec. 19, 2023 /PRNewswire/ - Approximately 35 million consumers are being notified that their confidential information was compromised due to a vulnerability in software created by Citrix and used by Xfinity. The data ...
1 year ago Darkreading.com
Auto parts giant AutoZone warns of MOVEit data breach - AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks. AutoZone is the leading retailer and distributor of automotive spare parts and accessories in the U.S., operating ...
1 year ago Bleepingcomputer.com
Longhorn Imaging Center Files Notice of Data Breach Affecting Patients' Sensitive Medical Information - On October 25, 2023, South Austin Health Imaging LLC dba Longhorn Imaging Center filed a notice of data breach with the Attorney General of Texas after discovering that confidential information in the company's possession was subject to unauthorized ...
1 year ago Jdsupra.com
AvidXchange Notifies Consumers of Data Breach Following Period of Unauthorized Access - On October 13, 2023, AvidXchange, Inc. filed a notice of data breach with the Attorney General of Massachusetts after discovering that a recent cybersecurity event resulted in an unauthorized party being able to access the company's IT network. In ...
1 year ago Jdsupra.com
Mr. Cooper breach affects more than 14.6M - Mr. Cooper, a major U.S. mortgage servicer, says an October data breach affected nearly 14.7 million people, including all its current and former customers. Mr. Cooper provided a data breach notification to the Office of the Maine Attorney General ...
1 year ago Packetstormsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)