TZUTC: -0500
MSGID: 1212.consprcy@1:2320/105 2cc9257d
PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0
TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
Swiss government warns data stolen in third-party ransomware attack

Date:
Tue, 01 Jul 2025 13:04:00 +0000

Description:
A breach at Radix saw Swiss government files leaked on the dark web.

FULL STORY

Multiple agencies of the Swiss federal government were affected by a supply
chain attack that trickled down from Radix, a non-profit organization in the
health promotion sector. 

A short announcement published on the Swiss government website noted, various
administrative units of the Federal Administration were among Radixs
customers. 

It was further explained the company fell prey to a ransomware cyberattack in
which attackers stole and encrypted data before publishing it on the dark 
web. After the fallout, Radix notified the National Cyber Security Centre
(NCSC), which kicked off an investigation to determine exactly what type of
data was affected, and who the victims were. 

As Radix has no direct access to Federal Administration systems, the 
attackers did not gain entry to these systems at any time, the government
explained. 

Radix also issued a statement on its own website, detailing what had 
happened. 

Unfortunately, we must confirm that despite high security standards and
professional support, we have become the victim of a cyberattack, the
machine-translated notification reads. On June 29, 2025, the hacker group
Sarcoma published the stolen data on a leak site. 

Radix further explained the affected people were already notified, and
stressed that the data from partner organizations were not compromised. 

Access to the affected data was immediately revoked after the attack was
discovered. There was a confirmed data leak, and various data were encrypted.
However, RADIX retains all data in an intact state on backups. The exact
method of the attack is currently under investigation. 

Claiming all of the data was left intact on backups suggests the company is
not interested in paying the ransom demand. This would make sense, since the
attackers allegedly already leaked the spoils on the dark web. 

 Via BleepingComputer

======================================================================
Link to news story:
https://www.techradar.com/pro/security/swiss-government-warns-data-stolen-in-t
hird-party-ransomware-attack

$$
--- SBBSecho 3.20-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 664
SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426