The government in Switzerland is informing that sensitive information from various federal offices has been affected by a ransomware attack in third party organization Radics.
Hackers have stolen data from the redix system and later leaked it on the dark web, the Swiss government says.
The exposed data is being analyzed with the help of the country’s National Cyber Security Center (NCSC) to determine which government agencies are affected and what effects are affected.
“Foundation Radix is targeted by a ransomware attack, during which data was stolen and encrypted,” Swiss government announced,
“Radix customers include various federal offices. The data is published on the dark web and will now be analyzed by the concerned offices.”
Sarcoma ransomware attack
Radix is a zurich-based non-profit organization dedicated to health enhancement. It operates eight capacity centers that carry out commissioned projects and services by Swiss federal government, cantonal and municipal authorities and other public and private organizations.
Organization A statement issued Saying that Sarcoma ransomware colleagues compromised their system on 16 June.
Sarcoma is a rapid emerging ransomware group, which began operations in October 2024, which quickly became most active by claiming 36 victims in its first month. A notable case was an attack against PCB veteran Animicron.
Sarcoma achieves access through fishing, old weaknesses and supply-chain attacks. Hackers then usually take advantage of RDP connection and later go on the network. In the final stages of the attack, the actor steals the data and can also encrypt it.
The danger actor published the stolen data stolen on his leaked portal on the dark web on June 29, which is likely to fail for forced recovery efforts.
Source: Bleepingcomputer
Radix says that it informs the affected individuals through personal information and notes that there is no evidence that sensitive data was affected by the partner organizations.
Meanwhile, Sarcoma has published a 1.3TB collection on its forced recovery portal, including several documents scans, financial records, contracts and communications. Data is being introduced for free.
To reduce this risk, Radics suggests that potentially exposed individuals are cautious in the coming months and are careful with their efforts to get their password, credit card number and account credentials.
Bleepingcomputer has approached the NCSC to request more information about uncontrolled data by ongoing investigation, but a comment was not available immediately.
In March 2024, the Swiss government confirmed that it faced a similar risk through the third party software service provider XPLAIN, which was dissolved by the Play Rainmware Group on 23 May, 2023.
The incident resulted in a leakage of 65,000 documents related to federal administration, many of which had sensitive personal information.
While cloud attacks can be more sophisticated, the attackers still succeed with surprisingly simple techniques.
Drawing by the detection of Vij in thousands of organizations, this report reveals the 8 major techniques used by Claude-Floid danger actors.
