The industrial automation giant ABB confirmed it was hit by a ransomware attack earlier this month that resulted in the theft of unspecified data.
A threat actor accessed ABB’s IT environment and deployed ransomware that is not self-propagating, impacting a “limited number” of servers and endpoints, the Switzerland-based company said last week in a press release and FAQ about the attack.
ABB runs an extensive business spanning 21 divisions with customers in industrial machinery, robotics, manufacturing, oil, gas, renewable energy, automotive, food processing, household products, medical equipment and communications, among other sectors. The enterprise operates in more than 100 countries with about 100,000 employees, with roughly one-fifth of its workforce based in the U.S.
ABB said it contained the attack and its key services, systems and factories are operating, but continues to restore impacted infrastructure and strengthen its defenses.
An investigation into the nature and scope of data affected by the attack remains underway with assistance from law enforcement, government officials and third-party experts.
“ABB is in the early stages of its investigation of the incident and will continue to assess the extent of its impact,” the company said.
No customer system was directly impacted, ABB said in a notification shared with customers and posted on Mastodon by cybersecurity researcher Kevin Beaumont.
ABB has not identified the threat actor behind the attack.
ABB ranks among the top 500 enterprises globally, according to Fortune. The company banked more than $1 billion in net income on almost $7.9 billion in revenue during the first quarter of 2023.