March 8, 2024 By Pierluigi Paganini
The ransomware attack on Xplain impacted tens of thousands Federal government files, said the National Cyber Security Centre (NCSC) of Switzerland.
The National Cyber Security Centre (NCSC) published a data analysis report on the data breach resulting from the ransomware attack on the IT services provider Xplain. The attack took place on May 23, 2023 and the Play ransomware gang claimed responsibility for the data breach.
In early June, Swiss police launched an investigation into the cyberattack that targeted the Bernese IT company Xplain. Xplain provides its services to several federal and cantonal government departments, the army, customs, and the Federal Office of Police (Fedpol).
Threat actors initially published alleged stolen data from the Federal Office of Police (Fedpol) and the Federal Office for Customs and Border Security (FOCBS) on a Darknet forum.
Local media reported that attackers exploited a vulnerability on the servers of the company.
Both Fedpol and the federal customs office confirmed the attack but attempted to downplay the incident. According to Fedpol, threat actors only had access to simulated, anonymous data for test purposes.
