Connect with us

Hi, what are you looking for?



Swiss Fear Government Data Stolen in Cyberattack

Switzerland said government operational data might have been stolen in a ransomware attack on a technology firm that provides software for several departments.

Switzerland said Thursday that government operational data might have been stolen in a cyberattack on the technology firm that provides software for several departments.

“Xplain, a Swiss provider of government software, has been the victim of a ransomware attack. After the stolen data had been encrypted and the company blackmailed, the attackers posted some of the stolen data on the darknet,” the government said in a statement.

“Contrary to the initial findings and following recent in-depth clarifications… it appears that operational data of the federal administration could also be affected.

“In-depth analyses are still ongoing.”

The Swiss army and the customs department are among the clients of Xplain, which supplies software to authorities specialising in homeland security.

The government said it did not believe that the Xplain systems have direct access to the federal administration systems.

Xplain accused a ransomware group called Play of being behind the attack.

Advertisement. Scroll to continue reading.

“We have not made any contact with the Play group and we will not pay a ransom,” Xplain’s director Andreas Loewinger told AFP on Saturday.

Xplain has notified Switzerland’s National Cybersecurity Centre and the Bern police.

As in other countries, cyberattacks targeting companies, governments and even universities are on the increase in Switzerland.

Recently, two media outlets, CH Media and NZZ, were targeted by Play.

Related: Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations

Related: SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

Related: Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.


US payments giant NCR has confirmed being targeted in a ransomware attack for which the BlackCat/Alphv group has taken credit.