InfoSecBulletin Cybersecurity for mankind
Swiss authorities discovered 65,000 leaked government documents containing classified information and sensitive personal data. The leak occurred after a ransomware attack on an IT vendor last year.
The National Cyber Security Centre (NCSC) of Switzerland recently released a report analyzing the data stolen during a cyber attack in May. The attack was conducted by hackers connected to the Play ransomware gang and targeted IT vendor Xplain. In response to the incident, the government ordered a review, and the NCSC has now published its preliminary findings.
Bangladesh bank published CBS guideline Version 2.0
Fortinet report
Attackers exploiting vulnerabilities 50% faster, just 4.76 days
TechCrunch report
Indian gov.t sites compromised to plant online betting ads
Damage Costs Predicted To Exceed $265 Billion By 2031
Ransomware expected to attack every 2 seconds by 2031
ALERT CISA WARNS
Black Basta ransomware breached over 500 orgs worldwide
Cyber Attack On Data Center Cooling Systems results disruption
Chrome Zero-Day Alert — Update Your Browser to Patch
Dell Discloses Data Breach: 49 million customers allegedly affected
BIG VULNERABILITIES IN NEXT-GEN BIG-IP
UK confirms Ministry of Defence payroll data exposed in data breach
1.3 million files were published on the dark web. Approximately 5% of those files were related to the country’s federal government.
Most of the files belonged to Xplain and were related to the company’s work with the government. However, around 14% of the files came directly from the country’s federal administration.
Most of the government files were from the administrative units of the Federal Department of Justice and Police. These units include the Federal Office of Justice, Federal Office of Police, State Secretariat for Migration, and the internal IT service center ISC-FDJP, according to the NCSC.
“With just over 3% of the data, the Federal Department of Defence, Civil Protection and Sport (DDPS) is slightly affected and the other departments are only marginally affected in terms of volume,” the agency said.
The files included personal data, technical information, classified documents, and passwords. Names, email addresses, phone numbers, and addresses were found in about 4,700 files. More than 250 files contained technical information, like documentation on IT systems, software requirement documents, or architectural descriptions.
The investigation will be completed by the end of March. A report will then be sent to the Federal Council of the country.
The Play ransomware group said they attacked on May 23 and leaked 907 gigabytes of financial and other data on June 1. Since June 2022, Play ransomware has caused over 300 cyberattacks, according to the FBI.
