Swiss Government Data Leaked After Ransomware Attack
- March 28, 2024
- 8:20 am
Swiss authorities discovered a data leak of 65,000 government documents following a ransomware attack last year.
- Targeted Vendor: The attack, linked to the Play ransomware gang, targeted IT vendor Xplain in May 2023.
- Data Scope: The leak included 5% of the 1.3 million files stolen, containing classified information, personal data, and internal documents.
- Government Departments Affected:
- Most files belonged to Xplain’s work with the government.
- Around 14% originated directly from the Federal Administration.
- Nearly all government files belonged to departments under the Federal Department of Justice and Police (FDJP).
- The Federal Department of Defence, Civil Protection and Sport (DDPS) was also affected, but to a lesser extent.
Leaked Data Details
- Types of Data: Personal data (names, addresses, etc.), technical information (IT system documents), classified documents, and passwords.
- Breakdown:
- Personal data was found in roughly 4,700 files.
- Technical information is found in over 250 files.
Investigation and Ongoing Threat
- Switzerland’s National Cyber Security Centre (NCSC) is investigating the incident. A full report will be sent to the Federal Council by the end of March.
- The Play ransomware group has been responsible for over 300 attacks since June 2022, targeting entities worldwide.
