Xplain hack impacted the Swiss cantonal police and Fedpol

Several Swiss cantonal police, the army, customs and the Federal Office of Police (Fedpol) were impacted by the attack against IT firm Xplain.

Swiss police launched an investigation into the cyber attack that hit the Bernese IT company Xplain, which provides its services to several federal and cantonal government departments, the army, customs, and the Federal Office of Police (Fedpol).

The news of the attack was first reported on Saturday by the Swiss newspaper Le Temps.

“for the first time, several cantonal police forces, the Swiss army or the Federal Office of Police (Fedpol) are indirectly affected by a cyberattack.” reads Le Temps. “These major players in security have one thing in common: they have the same IT service provider, the Bernese company Xplain, which has just been hacked.”

The Play ransomware gang claimed responsibility for the attack.

Threat actors have already published alleged stolen data from the Federal Office of Police (Fedpol) and the Federal Office for Customs and Border Security (FOCBS) on a Darknet forum.

Local media reported that attackers have exploited a vulnerability on the servers of the company.

Both Fedpol and the federal customs office confirmed the attack but attempted to downplay the incident. According to Fedpol, threat actors only had access to simulated, anonymous data for test purposes.

Xplain notified Fedpol about the attack a few days ago, revealed a Fedpol spokesman who added that the projects of the agency were not exposed.

The Federal Office for Customs and Border Security (FOCBS) said data from the FOCBS that were exposed are from correspondence with its clients.

“Switzerland has seen a rising number of cyberattacks in recent years, including on local authorities, doctors’ surgeries, a guardianship service, media companies and economic giants such as ABB and Swissport.” reported Swissinfo. 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Xplain)