Switzerland says a ransomware attack on the non-profit health foundation Radix that involved data being stolen and encrypted had also affected the federal administration.
The Radix Foundation, a not-for-profit organisation active in the field of health promotion, has been the victim of a ransomware attack, it was confirmed on Monday. The criminals stole and encrypted data, which they then published on the darknet.

The foundation contacted the National Cybersecurity Centre (NCSC) after carrying out an initial analysis of the situation, it announced on Monday. Radix’s clientele also includes various administrative units of the federal administration.

The aim is to determine which services and data are actually affected by the cyber attack. At no time were the hackers able to penetrate the systems of the federal administration, as the Radix Foundation itself does not have such direct access, the centre pointed out.

Roughly 16% of Swiss federal politicians had their official government email leaked on the dark web. This puts them at risk of phishing attacks or blackmail.

In the latest installment of our investigation into politicians’ cybersecurity practices, we found the official government email addresses of 44 Swiss politicians for sale on the dark web, roughly 16% of the 277 emails we searched. Constella Intelligence(new window) helped us compile this information.

Sharp-eyed readers might wonder why we searched for 277 email addresses if there are only 253 politicians between the Council of States, Federal Council, and National Council. The explanation is some politicians publicly share another email address along with their official government one. In these cases, we searched for both.

Since these email addresses are all publicly available, it’s not an issue that they’re on the dark web. However, it is an issue that they appear in data breaches, meaning Swiss politicians violated cybersecurity best practices and used their official emails to create accounts with services like Dropbox, LinkedIn, and Adobe, although there is evidence some Swiss politicians used their government email address to sign up for adult and dating platforms.

We’re not sharing identifying information for obvious reasons, and we notified every affected politician before we published this article.
Swiss politicians performed roughly as well as their European colleagues, having few fewer elected officials with exposed information than the UK (68%), the European Parliament (41%), and France (18%), and only slightly more than Italy (15%).

It should be noted that even a single compromised account could have significant ramifications on national security. And this isn’t a hypothetical. The Swiss government is actively being targeted on a regular basis. In 2025, hackers used DDoS attacks(new window) to knock the Swiss Federal Administration’s telephones, websites, and services offline. In 2024, Switzerland’s National Cyber Security Center published a report stating the Play ransomware group stole 65,000 government documents(new window) containing classified information from a government provider.

A cyberattack on the Zug-based procurement service provider Chain IQ apparently has far-reaching consequences for UBS: data from 130,000 employees, including the direct number of CEO Sergio Ermotti, is said to have ended up on the darknet.

A person has been arrested in Switzerland as part of a ccordinated raid on 270 dark web sites in ten countries.
The international raid, dubbed “RapTor”, dismantled networks trafficking drugs, weapons and counterfeit goods. The suspects were identified during the dismantling of the dark web markets Nemesis, Tor2Door, Bohemia and Kingdom Markets.

Many of them made thousands of sales on illegal markets using encryption tools and cryptocurrencies to cover their tracks.

Officers seized more than 180 firearms, over two tonnes of drugs and €184 million in cash and cryptocurrencies during the operation, which included arrests in ten countries, including Germany, France, Austria, Britain and the United States.

The number of reported cyber incidents and online threats in Switzerland rose sharply last year, according to the National Cyber Security Centre (NCSC).

Last year, almost 63,000 cyber-related incidents were reported to the National Cyber Security Centre (NCSC) in Switzerland, an increase of 13,500 cases over the previous year. Between July and December, the NCSC recorded more than 28,000 incidents, slightly fewer than in the first half of 2024.

Fraud, phishing and spam messages continue to be the most frequently reported incidents. The increase on the previous year is mainly due to the phenomenon of false calls in the name of the authorities, with almost 22,000 reports compared with around 7,000 the previous year.

On the other hand, the number of e-mail threats has dropped. Over the past four years, fraudsters have used the telephone more as a communication channel.

Switzerland's National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the agency within 24 hours of their discovery.

Unbekannte sind in das Mailkonto von Säckelmeister Ruedi Eberle eingedrungen. Dank des Sicherheitssystems konnte eine Weiterverbreitung rasch unterbunden werden. Nach aktuellem Stand sind weder Daten verloren gegangen noch weitere Konten der kantonalen Verwaltung betroffen.

This follows a series of high-impact arrests targeting Phobos ransomware:An administrator of Phobos was arrested in South Korea in June 2024 and extradited to the United States in November of the same year. He is now facing prosecution for orchestrating ransomware attacks that encrypted critical infrastructure, business systems, and personal data for ransom.A key Phobos affiliate was arrested in Italy...

Thai police arrested four European hackers in Phuket who allegedly stole $16 million through ransomware attacks affecting over 1,000 victims worldwide. The suspects, wanted by Swiss and US authorities, were caught in coordinated raids across four locations.

Officers from Cyber Crime Investigation Bureau, led by Police Lieutenant General Trairong Phiwphan, conducted “Operation PHOBOS AETOR” in Phuket on February 10, arresting four foreign hackers involved in ransomware attacks. The operation, coordinated with Immigration Police and Region 8 Police, raided four locations across Phuket....

Four alleged European hackers have been arrested in Phuket for deploying ransomware on the networks of 17 Swiss firms. The suspects are accused of causing significant damage and stealing $16 million in Bitcoins from 1,000 global victims.

How Russian propaganda challenges Switzerland's neutrality, using disinformation to sway public opinion in the Ukraine war.

What do you do if a web address you printed on a physical flyer contains a typo, and you send that flyer to more than 100,000 households? Well, if you're

After federal police came to an employee’s house to ask questions, encrypted messaging company Session has decided to leave Australia and switch to a foundation model based in Switzerland.

Austrian security authorities have identified a Swiss man as the suspect in a series of emails containing bomb threats.

Extensive data leak in Switzerland: The Zurich-based asset manager Boreal Capital Management has been attacked by a hacker group, with data from around 700 current and former clients being stolen and published, according to media reports.

people frequently reach out to me with companies to look into. usually it takes me about 10 minutes before i move on for one reason or another—it's not interesting for a story or has good security, for example. i didnt expect anything different when an acquaintance told me about Tracki, a self-proclaimed "world leader in GPS tracking" that they suspected could be used nefariously.

at first glance, Tracki appeared to be a serious company, maybe even one that cared about security. we could never have guessed what was about to unfold before us.

half a year into our investigation, we'd found it all: a hidden conglomerate posing as five independent companies, masked from governments and customers alike through the use of dozens of false identities, US letterbox companies, and an undeclared owner. a 90s phone sex scheme that, through targeting by one of hollywood's most notorious fixers, spiraled into a collection of almost a hundred domains advertising everything from online dating to sore throat remedies. a slew of device-assisted murder cases, on top of potential data breaches affecting almost 12 million users, ranging from federal government officials to literal infants. and most importantly, a little-known Snoop Dogg song. how in the world did we get here?

starting our descent

The stock exchange was forced to halt equity trading for several hours on Wednesday due to persistent technical snags.

The United States remains reluctant to work with open source, but European countries are bolder.
Several European countries are betting on open-source software. In the United States, eh, not so much. In the latest news from across the Atlantic, Switzerland has taken a major step forward with its "Federal Law on the Use of Electronic Means for the Fulfillment of Government Tasks" (EMBAG). This groundbreaking legislation mandates using open-source software (OSS) in the public sector.

11.07.2024 - At the end of June 2024, cybercriminals spread the malware "Poseidon Stealer" in German-speaking Switzerland by email, using AGOV as a lure with the aim of infecting computers with the macOS operating system. The NCSC has now produced and published a brief technical analysis of the malware.
#news

Russia, which hasn’t been invited to the summit, has repeatedly called it “meaningless and harmful.” Swiss officials did not provide more details about the reported cyberattacks.