Cyber criminals steal data from the Federal Administration again

Published: Tuesday, Nov 14th 2023, 18:00

Updated At: Tuesday, Nov 14th 2023, 18:03

Back to Live Feed

Hackers have apparently once again stolen data from the Federal Administration. According to the Confederation, the data was stolen from the company Concevis, a provider of software solutions for public administrations. The company's customers include several federal offices.

The National Cyber Security Center (NCSC) announced the data theft on Tuesday. According to current findings, the theft involved older operational data held by external federal service providers.

It is currently considered unlikely that federal systems themselves have been hacked. There are no indications of this.

Ransom payment rejected

Immediately beforehand, Concevis had announced that the company had fallen victim to a so-called ransomware attack on November 4 and 5. In such attacks, hackers first steal data and encrypt it. They then demand a ransom from the affected companies.

After Concevis refused to pay a ransom, the hackers now threatened to publish the data on the darknet, the NCSC wrote. According to the Confederation and Concevis, the exact extent of the data theft is still unclear. Experts are therefore clarifying exactly which offices are affected and what data has been stolen.

Strong encryption

According to the NCSC, Concevis' client list currently includes the Federal Office for Civil Protection, the Federal Office for Spatial Development, the Federal Statistical Office, the Federal Office of Civil Aviation, the Federal Tax Administration and the Armed Forces Training Command.

An extensive data outflow is assumed, Concevis wrote. The attackers would have used strong encryption mechanisms to cover their tracks. The software company has filed a criminal complaint with the Basel-Stadt public prosecutor's office.

Not the first case

This is the second such case within a few months. Back in May, it became known that cyber criminals had attacked the IT service provider Xplain, based in Interlaken BE, with ransomware. As a result, data from the Federal Office of Police (Fedpol) and the Federal Office of Customs and Border Protection (FOCP), among others, ended up on the darknet.

Among other things, this involved personal data from the military police and information on people who were listed in the hooligan information system operated by Fedpol in 2015.

The Federal Data Protection and Information Commissioner (Edöb) launched an investigation into the attack on Xplain in July. In the fall session, Parliament referred a motion to the Federal Council demanding that the Federal Council establish new legal bases for the more secure storage of Switzerland's most important digital data.

The state government itself commissioned a Geneva law firm to conduct an external investigation into the events surrounding Xplain back in August. The results are expected by the end of March 2024 at the latest.

©Keystone/SDA

Related Stories

Stay in Touch

Noteworthy

the swiss times
A production of UltraSwiss AG, 6340 Baar, Switzerland
Copyright © 2024 UltraSwiss AG 2024 All rights reserved