// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
ColdRecon / Breach Radar / Johnson Controls
Breach Record

Johnson Controls

DISCLOSED 2023-09-29 · RANSOMWARE · RANSOMWARE

Johnson Controls suffered a ransomware attack by the Dark Angels group, who demanded a $51 million ransom. The attack was reported on September 29, 2023. Further details on data exposure or initial access were not disclosed.

The record

What we know

Disclosed
2023-09-29
Attack vector
Ransomware
Sector
industrial
RANSOMWARE ENDPOINT INVOLVED
ColdRecon assessment

Could a positive-security control have prevented this?

Verdict · unclear · opinion

Without details on initial access or execution, it is unclear if a positive-security model would have prevented the ransomware deployment.

Our assessments are opinion, grounded in the cited public facts. Read them critically.

Sources

Cited reporting

Similar vector · recent

Other ransomware breaches on file

This page is the permanent ColdRecon entry for the Johnson Controls disclosure. It updates if new public reporting emerges. All tracked breaches →

Johnson Controls just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →