On 27 September 2025, building technology firm Johnson Controls was targeted in a ransomware attack attributed to the Dark Angels group. The attack involved encryption of critical VMWare ESXi virtual machines, crippling several business operations. About 27 terabytes of sensitive corporate data was stolen, including personnel files and proprietary technology information. The breach forced Johnson Controls into emergency response mode, prioritizing containment and recovery. The company engaged cybersecurity forensics teams and law enforcement agencies to trace the attack vector. This disruption highlights vulnerabilities in industrial technology companies, increasingly targeted for valuable intellectual property and operational disruption by organized cybercriminal groups. Johnson Controls urges vigilance and swift incident response to minimize damage in the growing ransomware landscape.
