How data flowed from the federal government to Xplain
Published: Wednesday, May 1st 2024, 14:30
Why were hackers able to steal federal data from the Bern-based company Xplain? Because the company tested and integrated software for the Confederation, or because data flowed to it as part of maintenance or support services.
This is what the Federal Council writes in its communication published on Wednesday on its measures following the hacker attack in spring 2023. On page 14 of the investigation report, the Geneva law firm entrusted by the national government with the administrative investigation summarizes the situation.
Firstly, the firm writes that Xplain employees had sent productive data from the federal email account provided to them as part of the collaboration to their email account at Xplain or to the email account of their colleagues at Xplain.
Productive data refers to data that is in live use. According to the investigation, the Xplain employees received this data from federal employees. In at least one case, an Xplain employee most likely extracted data from a production system of the Federal Office of Police (Fedpol) himself.
Secondly, federal employees responsible for internal IT support forwarded user requests containing productive data to Xplain or made them available on a shared server. This was done without first removing, pseudonymizing or redacting the productive data.
Thirdly, federal employees had transmitted productive data to Xplain as part of IT development, test or migration work.
9000 data objects transmitted
As the Federal Office for Cybersecurity (BACS) announced in March of this year, the hacker group "Play" stole over 9,000 data objects from the Federal Administration during its attack in May 2023. Half of this data was considered sensitive.
The 9000 data objects included personal data, technical information, classified information and passwords. 121 objects were classified. Four objects contained readable passwords.
©Keystone/SDA