/

JCI Data Breach: What & How It Happened?

JCI Data Breach: What & How It Happened?

Twingate Team

Jun 20, 2024

In September 2023, Johnson Controls International, a multinational conglomerate, faced a significant cybersecurity incident involving a ransomware attack. This event led to a data breach, causing considerable financial expenses for the company. Despite demands for a ransom, Johnson Controls decided against payment, resulting in the unauthorized release of some stolen data.

How many accounts were compromised?

The breach impacted data over 76 million households and 7 million small businesses.

What data was leaked?

The data exposed in the breach consisted of corporate data, potentially including highly sensitive information related to the company's operations and internal IT infrastructure.

How was JCI hacked?

The attackers breached Johnson Controls' systems through spear-phishing emails, escalated their privileges within the company's infrastructure, and deployed ransomware to encrypt critical data. The Dark Angels ransomware gang claimed responsibility for the attack and demanded a $51 million ransom.

JCI's solution

In response to the hacking incident, Johnson Controls activated its incident response plan, which helped contain the attack and restore most services within days. Although the enhanced security measures taken by the company remain unclear, Johnson Controls worked with external cybersecurity forensics and remediation experts to address the situation. The company refused to pay the ransom, and the attackers published a sample of stolen data, raising concerns about potential further leaks.

How do I know if I was affected?

It is unclear whether Johnson Controls International reached out to affected users following the data breach. If you believe you may have been affected and have not received a notification, you can visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized access or transactions to the appropriate parties.

For more specific help and instructions related to JCI's data breach, please contact Johnson Controls support directly.

Where can I go to learn more?

If you want to find more information on the JCI data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

JCI Data Breach: What & How It Happened?

JCI Data Breach: What & How It Happened?

Twingate Team

Jun 20, 2024

In September 2023, Johnson Controls International, a multinational conglomerate, faced a significant cybersecurity incident involving a ransomware attack. This event led to a data breach, causing considerable financial expenses for the company. Despite demands for a ransom, Johnson Controls decided against payment, resulting in the unauthorized release of some stolen data.

How many accounts were compromised?

The breach impacted data over 76 million households and 7 million small businesses.

What data was leaked?

The data exposed in the breach consisted of corporate data, potentially including highly sensitive information related to the company's operations and internal IT infrastructure.

How was JCI hacked?

The attackers breached Johnson Controls' systems through spear-phishing emails, escalated their privileges within the company's infrastructure, and deployed ransomware to encrypt critical data. The Dark Angels ransomware gang claimed responsibility for the attack and demanded a $51 million ransom.

JCI's solution

In response to the hacking incident, Johnson Controls activated its incident response plan, which helped contain the attack and restore most services within days. Although the enhanced security measures taken by the company remain unclear, Johnson Controls worked with external cybersecurity forensics and remediation experts to address the situation. The company refused to pay the ransom, and the attackers published a sample of stolen data, raising concerns about potential further leaks.

How do I know if I was affected?

It is unclear whether Johnson Controls International reached out to affected users following the data breach. If you believe you may have been affected and have not received a notification, you can visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized access or transactions to the appropriate parties.

For more specific help and instructions related to JCI's data breach, please contact Johnson Controls support directly.

Where can I go to learn more?

If you want to find more information on the JCI data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

JCI Data Breach: What & How It Happened?

Twingate Team

Jun 20, 2024

In September 2023, Johnson Controls International, a multinational conglomerate, faced a significant cybersecurity incident involving a ransomware attack. This event led to a data breach, causing considerable financial expenses for the company. Despite demands for a ransom, Johnson Controls decided against payment, resulting in the unauthorized release of some stolen data.

How many accounts were compromised?

The breach impacted data over 76 million households and 7 million small businesses.

What data was leaked?

The data exposed in the breach consisted of corporate data, potentially including highly sensitive information related to the company's operations and internal IT infrastructure.

How was JCI hacked?

The attackers breached Johnson Controls' systems through spear-phishing emails, escalated their privileges within the company's infrastructure, and deployed ransomware to encrypt critical data. The Dark Angels ransomware gang claimed responsibility for the attack and demanded a $51 million ransom.

JCI's solution

In response to the hacking incident, Johnson Controls activated its incident response plan, which helped contain the attack and restore most services within days. Although the enhanced security measures taken by the company remain unclear, Johnson Controls worked with external cybersecurity forensics and remediation experts to address the situation. The company refused to pay the ransom, and the attackers published a sample of stolen data, raising concerns about potential further leaks.

How do I know if I was affected?

It is unclear whether Johnson Controls International reached out to affected users following the data breach. If you believe you may have been affected and have not received a notification, you can visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized access or transactions to the appropriate parties.

For more specific help and instructions related to JCI's data breach, please contact Johnson Controls support directly.

Where can I go to learn more?

If you want to find more information on the JCI data breach, check out the following news articles: