Hackers were able to steal sensitive data on federal councilors and embassies

The attack by ransomware gang Play on the Swiss IT service provider Xplain AG is said to have compromised confidential documents of the Federal Security Service.

According to media reports, confidential documents of the Federal Security Service were stolen and published in the hacker attack on the Bernese IT company Xplain that Watson disclosed, including security plans (dispositives) for state guests and magistrates.

According to a preliminary report by “NZZ am Sonntag,” the data made available on the dark web also includes a 2018 document on security measures for foreign diplomats and embassies, as well as individuals and objects protected by the federal government. The addresses of federal councilors are listed, as are the residences of top executives under protection.

According to “Sonntagsblick,” Interpol arrest and extradition requests and wanted notices in cases involving suspected serious criminals also fell into the hands of the hackers.

There was no comment from authorities. Investigations are already underway into how sensitive federal data came to be stored on the private company’s server and ultimately ended up with cybercriminals.

What happened?

In the spring of 2023, hackers exploited a vulnerability on the servers of IT service provider Xplain and stole data, including data belonging to the federal government. They then deployed encryption malware (ransomware).

On May 23, unknown cybercriminals published a first threatening letter on the «Play» gang’s dark web leak site, and Watson made the attack public.

At the beginning of June, the alleged Russian cybercriminals made several gigabytes (GB) of stolen data available on the corresponding leak site on the dark web.

On June 8, the National Center for Cybersecurity (NCSC) announced that federal operational data could also be compromised by the attack.

On June 14, the cybercriminals reportedly made all the stolen data (more than 900 GB) accessible. Such a publication is called a «full dump».

That same day, the NCSC announced that in-depth data analysis had shown that action was needed. Because operational data had been compromised by the attack, several departments of the federal government had filed criminal charges.

Millions of files affected

On June 28, the Federal Council announced that it had mandated a crisis management team called “data outflow”. All departments, the Federal Chancellery and a representative of the cantonal justice and police directors (KKJPD) are involved in the body.

In addition, the Federal Council is having a mandate drawn up for an administrative inquiry. An independent body is to investigate whether, where and why the federal government’s security requirements have been poorly implemented, it said. It is unclear how a private IT provider gained access to the sensitive data.

Federal experts are evaluating and analyzing the incident and data breach. The Federal Council assumes that this could take several weeks to months. Several million files are involved.

(dsc/sda)

Hacker attack with far-reaching consequences

Source: Watson

I'm Ella Sammie, author specializing in the Technology sector. I have been writing for 24 Instatnt News since 2020, and am passionate about staying up to date with the latest developments in this ever-changing industry.
