Swiss Government Data Leaked After Ransomware Attack 

Swiss authorities discovered a data leak of 65,000 government documents following a ransomware attack last year.

  • Targeted Vendor: The attack, linked to the Play ransomware gang, targeted IT vendor Xplain in May 2023. 
  • Data Scope: The leak included 5% of the 1.3 million files stolen, containing classified information, personal data, and internal documents. 
  • Government Departments Affected: 
  1. Most files belonged to Xplain’s work with the government. 
  2. Around 14% originated directly from the Federal Administration. 
  3. Nearly all government files belonged to departments under the Federal Department of Justice and Police (FDJP). 
  4. The Federal Department of Defence, Civil Protection and Sport (DDPS) was also affected, but to a lesser extent. 

Leaked Data Details

  • Types of Data: Personal data (names, addresses, etc.), technical information (IT system documents), classified documents, and passwords. 
  • Breakdown: 
  1. Personal data was found in roughly 4,700 files. 
  2. Technical information is found in over 250 files. 

Investigation and Ongoing Threat

  • Switzerland’s National Cyber Security Centre (NCSC) is investigating the incident. A full report will be sent to the Federal Council by the end of March. 
  • The Play ransomware group has been responsible for over 300 attacks since June 2022, targeting entities worldwide. 

Leave a Reply