Johnson Controls Suffers $27 Million Loss in Devastating Ransomware Attack, Confidential Data Stolen

Johnson Controls has reported a $27 million loss due to a ransomware attack. The company confirmed data theft, including sensitive information, and has taken measures to prevent further attacks. Learn more about the incident and the cybersecurity steps Johnson Controls is implementing to protect its operations.



Picture this: a multinational conglomerate with a hand in everything from industrial control systems to fire safety equipment suffers a ransomware attack that costs the company $27 million and leads to a major data breach. Sounds like a nightmare, right? Well, that’s exactly what happened to Johnson Controls International in September 2023.

A ransomware attack that shook the company to its core

It all started when hackers breached Johnson Controls’ Asia offices, then spread throughout the company’s network. This forced the firm to shut down large portions of its IT infrastructure, affecting customer-facing systems.

Behind the attack was the Dark Angels ransomware gang, which claimed to have stolen over 27 TB of confidential data from Johnson Controls. The hackers demanded a whopping $51 million ransom to delete the data and provide a file decryptor.

For some context, the Dark Angels ransomware gang was launched in May 2022, using encryptors based on the leaked source code of the now-defunct Babuk and Ragnar Locker operations.

Johnson Controls finally comes clean

Initially, Johnson Controls acknowledged a service disruption and attributed the cause to a “cybersecurity incident,” but didn’t provide details on the type of the attack or the possibility of it having caused a data breach.

However, in a quarterly report filed with the U.S. Securities and Exchange Commission (SEC) in January 2024, the company confirmed that the cyberattack they suffered was a ransomware attack that resulted in the theft of data.

Even more troubling, Johnson Controls revealed that the expenses associated with responding to and remediating the cyberattack amounted to $27 million. And they expect this cost to rise in the coming months as they continue to determine what data was stolen and work with external cybersecurity forensics and remediation experts.

What’s next for Johnson Controls?

Based on the information to date, Johnson Controls is confident that the unauthorized activity has been fully contained, and its digital products and services, including OpenBlue and Metasys, are all available.

But this incident serves as a stark reminder of the importance of cybersecurity and the potential consequences of falling victim to a ransomware attack.

Don’t let your company become the next Johnson Controls

With cyberattacks on the rise, it’s crucial for businesses of all sizes to prioritize cybersecurity and invest in robust solutions to protect their data, networks, and systems. That’s where we come in. Our IT Services can help you safeguard your company’s digital assets and stay ahead of the constantly evolving threat landscape.

So don’t wait for a cyberattack to cripple your business. Contact us today to learn more about our expertise in cybersecurity and how we can help you protect your company’s valuable data and systems. And remember, it’s better to be proactive than reactive when it comes to cybersecurity.

Leave a Reply

Your email address will not be published. Required fields are marked *


Exit mobile version