Data stolen from software supplier: City of Lucerne and both Basel also hit by hacker attack

class=”sc-29f61514-0 fwWrRV”>

The hacker attack on software supplier Concevis continues to expand. On Tuesday, the company reported an attack that encrypted all of the company’s servers. Based on current knowledge, the stolen data likely included older, operational federal government data. But not alone.

The hacker attack on software supplier Concevis has consequences for the administrations of both Basels. As an immediate measure, the two Basels immediately blocked all services. The Basel State Chancellery announced on Thursday that the software supplier is currently analyzing, in collaboration with a team of external security experts, whether data from the affected departments has been leaked via the supplier Concevis.

According to the announcement, the Office for the Environment and Energy, the Office for Civil Engineering and the Building and Catering Inspectorate (BVD) in the Basel administration will receive services from Concevis.

Baselland files a criminal complaint

The canton of Baselland also works with Concevis. According to Thursday’s communiqué, he will file a criminal complaint. The Basel Air Hygiene Office, the Environment and Energy Office, the police, the Lost and Found Office, the Ebenrain Center, the Cantonal Social Security Office and the Cantonal Office for Industry, Commerce and Labor received services from Concevis. All services were immediately blocked.

The city of Lucerne uses a tool for applications for the use of public space, according to a press release. According to current knowledge, older data provided when submitting the application may be affected, the city of Lucerne announced on Thursday. This includes applicants’ name, address, date of birth, telephone number and email address. Concevis AG is still investigating whether this data has been leaked.

Data Protection Officer initiates preliminary clarification

On Tuesday it was announced that hackers had again stolen data from the federal government. The National Center for Cybersecurity (NCSC) had informed about the data theft. Current findings indicate older operational data was held by third-party federal service providers, it said.

Immediately before that, software supplier Concevis announced that the company had fallen victim to a so-called ransomware attack on November 4 and 5. In such attacks, hackers first steal data and encrypt it. They then demand ransoms from the affected companies. But Concevis refused.

After the renewed hacker attack, the Federal Data Protection Commissioner launched a preliminary investigation. The attacked software supplier Concevis had already filed a criminal complaint with the public prosecutor’s office in Basel-Stadt.

(SDA)

Source:Blick