Cyberattack on Swiss government - origins still unknown a year later

Written by Penta | Jul 2, 2024 9:00:00 AM

It’s one year since Swiss federal documents were leaked onto the dark web, and no one seems to know how the scammers stole them.

In May 2023, Swiss software developer Xplain was subject to a ransomware attack while contracted by the Swiss government. They immediately became aware of the attack but were unable to mitigate it. As many as 1.3 million files were released by the ransomware group Play.

A report by Bleeping Computer says 65,000 documents were “relevant” to the Swiss government. Around 5,000 contained sensitive information, including personal data such as names, email addresses, telephone numbers, and addresses, as well as technical details, classified information and account passwords.

One of the most disconcerting aspects of the attack is that Xplain still has no idea how the breach happened, according to its own statement released on February 8. The company says that ransomware groups often use undisclosed vulnerabilities to hack computer systems.

There is one important takeaway from Xplain’s experience. The report added that, miraculously, the company has not been significantly financially harmed. It has a diverse range of projects and indemnity insurance to protect itself against the risk of one project going wrong, which mitigated the fallout from the attack. Bear this in mind: cybercrime is too unpredictable to risk it all in one place. So, never have all your eggs in one basket, and always get insurance.