Security News > 2023 > June > Switzerland under cyberattack
Swiss government websites are under DDoS attacks, but several ransomware gangs have also turned their sights on Swiss government organizations, cantonal governments, cities and companies in the last few months.
Though the company is still trying to determine what data was stolen, someone - possibly BlackBasta, but who knows? - is trying to sell over 1.5 TB of company and customer data purportedly stolen from TAG Aviation on the Unsafe leak site/dark web marketplace.
The association revealed that some data has been stolen, and told Swiss news outlet Inside IT that the attackers claim to have stolen 161 gigabytes of files and have published screenshots of financial documents, employee ID cards and data on the dark web.
Despite the company's claims that they do not store data from customer systems, a more recent update by the Swiss NCSC says that "It appears that operational data of the Federal Administration could also be affected by the ransomware attack on the IT company Xplain, which resulted in some of the stolen data being published on the darknet."
"Xplain's clients also include various administrative units of the Federal Administration. Clarifications are currently under way to determine the specific units and data concerned. Contrary to the initial findings and following recent in-depth clarifications, it has to be assumed that operational data could also be affected. Based on the information currently available, the Federal Administration does not believe that the Xplain systems have direct access to the Confederation's systems," the NCSC added.
The Play gang previously stole data from Swiss media companies CH Media and NZZ and leaked it in early May..
News URL
https://www.helpnetsecurity.com/2023/06/14/swiss-government-ddos/