Swiss authorities are investigating a cyberattack on the IT company Xplain, whose clients include many federal and cantonal government departments, including the army and customs.
The online attack was revealed on Saturday by the newspaper Le Temps, which reported that “several cantonal police forces, the Swiss army and the Federal Office of Police (Fedpol) have been indirectly affected.”
Xplain “has been the victim of a cyberattack by the PLAY ransomware group and has therefore filed a complaint with the Berne cantonal police,” company director Andreas Loewinger told AFP.
“They published some of the stolen data. This data was analyzed and the next steps to be taken were discussed directly with the customers concerned”, he added.
Xplain is a Swiss company specializing in IT solutions for homeland security.
The company, which has offices in Switzerland, Spain and Germany, has called in the National Cyber Security Centre and investigations are underway.
“We have not made any contact with the PLAY group, and we will not pay any ransom”, Mr Loewinger stressed.
Xplain said it does not yet know the extent of the data theft.
But the company, which offers its customers online applications, said it does not store the applications and data itself.
The Federal Office of Customs and Border Security stated that elements of correspondence with Xplain had been affected, but that “the Office’s own data are not affected.”
The army, which was informed of the incident a few days ago, explained that it has been using a software solution from Xplain “for several years,” but that it is operated “via the Confederation’s own servers.”
“The civil authorities have opened a criminal procedure into the matter,” an army spokesman told AFP.
The Federal Police also assured that, according to current information, its “projects are not affected.”