Xplain, a Swiss government software provider, has fallen victim to a ransomware attack, leading to the encryption of stolen data subsequently posted on the darknet by the attackers. The Federal Administration, a client of Xplain, is currently undergoing in-depth analyses to assess the extent of the impact on operational data. While Xplain reported the cyberincident to the National Cybersecurity Centre (NCSC) and the Bern Cantonal Police, ongoing clarifications aim to determine the specific units and data affected within the Federal Administration. Despite concerns, initial findings suggest that Xplain’s systems do not have direct access to the Confederation’s systems.
The National Cybersecurity Centre (NCSC) is actively coordinating further investigations and measures within the Federal Administration. Engaging in continuous communication with Xplain, prosecution authorities, and affected administrative units, the NCSC is committed to providing updates on the situation as more information becomes available. Xplain’s ransomware attack underscores the vulnerabilities faced by government entities in the digital landscape and highlights the critical importance of cybersecurity measures. The assurance that Xplain’s systems lack direct access to the Confederation’s systems provides some relief amid the ongoing efforts to mitigate the impact of the cyber incident.
