The ransomware gang Play carried out their threat and supposedly made all the data they stole from the Bernese IT service provider Xplain AG accessible on the dark web. The so-called “Full Dump” should contain a total of 907 gigabytes (GB). This is evident from a new message on the leak site of the criminal organization.
What the “Full Dump” contains is not publicly known.
Numerous government organizations have worked with Xplain in recent years. The Bernese company develops specialist applications and provides technical support.
Xplain sent Watson a written statement on the recent events on Wednesday:
In preparation for further disclosure of stolen data, further investigations have been carried out in collaboration with the investigative authorities, the NCSC and the customers involved.
With the publication of what is believed to be the entire stolen database on June 14, 2023, all those involved will continue this work with great intensity. All persons affected by the data theft will be notified directly by the respective data owners.”
Earlier, unknown cybercriminals released a few GB of stolen data to put pressure on the affected company. Apparently this did not work out and because the victim did not want to pay the ransom, the perpetrators have now made all data public.
The attack in May affected numerous Swiss authorities who had or have a business relationship with the hacked IT company. According to reports, the stolen data includes business correspondence between Xplain AG and its customers.
According to Watson’s research, several federal government institutions are affected:
The Federal Public Service Defence, Civil Protection and Sport (DDPS) is also affected.
There are also numerous cantonal authorities, as well as other well-known national organizations such as Rega, the Railway Police, Securitrans (today Transsicura). And the city police of Zurich is also one of Xplain’s customers.
The Liechtenstein State Police was also affected by the hacker attack, it was announced on Tuesday. However, the stolen data is just project information.
In the worst case, it concerns case data in individual cases, the Keystone-SDA news agency quotes from a statement by the state police. Case data and personal data were not stored on Xplain servers.
An earlier statement from Xplain said that “no personal and business data from customer systems” was stored on their own servers.
The ransomware gang Play was previously also responsible for hacker attacks on the Valais municipality of Saxon VS (May 2023), the media houses CH Media and NZZ (April), Energie Pool Switzerland (February) and H-Hotels (December 2022). However, these are only the publicly known victims. IT security experts assume that the number of unreported cases is high.
Source: Watson
I’m Ella Sammie, author specializing in the Technology sector. I have been writing for 24 Instatnt News since 2020, and am passionate about staying up to date with the latest developments in this ever-changing industry.
On the same day of the terrorist attack on the Krokus City Hall in Moscow,…
class="sc-cffd1e67-0 iQNQmc">1/4Residents of Tenerife have had enough of noisy and dirty tourists.It's too loud, the…
class="sc-cffd1e67-0 iQNQmc">1/7Packing his things in Munich in the summer: Thomas Tuchel.After just over a year,…
At least seven people have been killed and 57 injured in severe earthquakes in the…
The American space agency NASA would establish a uniform lunar time on behalf of the…
class="sc-cffd1e67-0 iQNQmc">1/8Bode Obwegeser was surprised by the earthquake while he was sleeping. “It was a…