The Swiss National Cyber Security Centre (NCSC ) released a report detailing its investigation into a data breach following a ransomware attack on Xplain, revealing that the incident had an impact on thousands of sensitive Federal government documents.
Swedish government ministries, administrative models, and even the country’s military power are served by Xplain, a provider of technology and software solutions. On May 23, 2023, the Play ransomware group broke into the business.
The risk actor at the time claimed to have stolen files containing sensitive information, and it followed through on its threats and published the stolen information on its blockchain portal in early June 2023.
The Swiss authorities immediately acknowledged that the leaked information may include documents pertaining to the Federal Administration of Switzerland.
The Swiss authorities confirmed that 65, 000 government records were leaked as a result of the breach in a new affirmation released today:
- About 5 % ( 65, 000 documents ) of the roughly 1.3 million files released by Play ransomware are pertinent to the Federal Administration.
- The Federal Office of Justice, the Federal Office of Justice, the Federal Office of Justice, the Federal Office of Immigration, the State Secretariat for Migration, and the internal IT support core ISC- FDJP are the main administrative models of the Federal Department of Justice and Police ( FDJP).
- More than 3 % of that information was only slightly affected by the Federal Department of Defense, Civil Protection, and Sport ( DDPS).
- Personal data ( names, email addresses, phone numbers, and addresses ), technical details, classified information, and account passwords were included in about 5, 000 documents.
- A few hundred files in total contained passwords, program or structural data, and IT system documentation.
The Federal Council will receive all findings and security tips from the operational research, which was launched on August 23, 2023, according to the news.
Due to the difficulty of analyzing unstructured information and the huge amount of leaked data, which required a lot of time and resources to screening Federal Administration-relevant documents, the investigation’s lengthy duration is attributed to the complexity of the investigation.
Additionally, the legal complexity of analyzing the leaked files for information is complicated, as inter-organizational cooperation and participation are required for sensitive information, which will ultimately lengthen the process.