Comment est né le flux de données du gouvernement fédéral vers Xplain ?
Published: Wednesday, May 1st 2024, 14:30
Retour au fil d'actualité
Pourquoi les pirates ont-ils pu dérober des données fédérales à l'entreprise bernoise Xplain ? Parce que cette entreprise testait et intégrait des logiciels pour la Confédération, ou parce que des données circulaient dans le cadre de services de maintenance ou d'assistance.
This is what the Federal Council writes in its communication published on Wednesday on its measures following the hacker attack in spring 2023. On page 14 of the investigation report, the Geneva law firm entrusted by the national government with the administrative investigation summarizes the situation.
Firstly, she writes that Xplain employees had sent productive data from the federal email account provided to them as part of the collaboration to their email account at Xplain or to the email account of their colleagues at Xplain.
Productive data refers to data that is in live use. According to the investigation, they received this data from federal employees. In at least one case, an Xplain employee most likely extracted data from a production system of the Federal Office of Police (Fedpol) himself.
Secondly, federal employees responsible for internal IT support forwarded user requests containing productive data to Xplain or made them available on a shared server. This was done without first removing the productive data, adding a pseudonym or redacting it.
Thirdly, federal employees had transmitted productive data to Xplain as part of IT development, text or migration work.
9000 data objects transmitted
As the Federal Office for Cybersecurity (BACS) announced in March of this year, the hacker group "Play" stole over 9,000 data objects from the Federal Administration during its attack in May 2023. Half of this data was considered sensitive.
The 9000 data objects included personal data, technical information, classified information and passwords. 121 objects were classified. Four objects contained readable passwords.
©Keystone/SDA
French 
English 
German 
Spanish 
Arabic