Ransomware attack causes leak of Swiss government documents

Switzerland's National Cyber Security Centre has published a report on its analysis of a data breach following a ransomware attack on Xplain, revealing that the incident affected thousands of sensitive federal government files.

Xplain is a Swiss provider of technology and software solutions to various government departments and administrative units, including the country's military. The Play ransomware group broke into the company on 23 May 2023 and in June published the stolen data on its DarkNet portal. The Swiss government confirmed that approximately 65,000 government documents were leaked, with the majority affecting administrative units of the Federal Department of Justice and Police.

The administrative investigation, launched in August 2023, is expected to be completed this month, with findings and cybersecurity recommendations shared with the Federal Council.