TZUTC: -0500   
   MSGID: 1212.consprcy@1:2320/105 2cc9257d   
   PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0   
   TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   Swiss government warns data stolen in third-party ransomware attack   
      
   Date:   
   Tue, 01 Jul 2025 13:04:00 +0000   
      
   Description:   
   A breach at Radix saw Swiss government files leaked on the dark web.   
      
   FULL STORY   
      
   Multiple agencies of the Swiss federal government were affected by a supply   
   chain attack that trickled down from Radix, a non-profit organization in the   
   health promotion sector.    
      
   A short announcement published on the Swiss government website noted, various   
   administrative units of the Federal Administration were among Radixs   
   customers.    
      
   It was further explained the company fell prey to a ransomware cyberattack in   
   which attackers stole and encrypted data before publishing it on the dark    
   web. After the fallout, Radix notified the National Cyber Security Centre   
   (NCSC), which kicked off an investigation to determine exactly what type of   
   data was affected, and who the victims were.    
      
   As Radix has no direct access to Federal Administration systems, the    
   attackers did not gain entry to these systems at any time, the government   
   explained.    
      
   Radix also issued a statement on its own website, detailing what had    
   happened.    
      
   Unfortunately, we must confirm that despite high security standards and   
   professional support, we have become the victim of a cyberattack, the   
   machine-translated notification reads. On June 29, 2025, the hacker group   
   Sarcoma published the stolen data on a leak site.    
      
   Radix further explained the affected people were already notified, and   
   stressed that the data from partner organizations were not compromised.    
      
   Access to the affected data was immediately revoked after the attack was   
   discovered. There was a confirmed data leak, and various data were encrypted.   
   However, RADIX retains all data in an intact state on backups. The exact   
   method of the attack is currently under investigation.    
      
   Claiming all of the data was left intact on backups suggests the company is   
   not interested in paying the ransom demand. This would make sense, since the   
   attackers allegedly already leaked the spoils on the dark web.    
      
    Via BleepingComputer   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/swiss-government-warns-data-stolen-in-t   
   hird-party-ransomware-attack   
      
   $$   
   --- SBBSecho 3.20-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426