Xplain hack data revealed by Swiss NCSC

The Swiss National Cyber Security Center has published an in-depth data analysis report regarding the hacking attack on Xplain and its effect on the Swiss Federal Administration’s data.

In a recent attack on Xplain, “a major provider of IT services to national and cantonal authorities,” large amounts of data had been stolen by the hacker gang Play, according to the NCSC.

The gang stole a significant amount of data and “published what is presumed to be the entire stolen data package on the darknet on 14th June 2023,” the NCSC said.

This data included classified information and personal data from the Federal Administration.

The authorities revealed just how much data had been stolen and how much pertained to the Federal Administration.

According to the NCSC, the data package that was published on the dark web comprised 1.3 million files, and the organization sifted through the data to see how much of this information related to the Federal Administration.

“The results showed that the volume of data relevant to the Federal Administration comprised around 65,000 documents or approximately five percent of the total published data set,” the press release reads.

Although most of these files belonged to Xplain, roughly 9,000 files belonged to the Federal Administration.

The amount of sensitive content (personal data, technical information, classified information, and passwords) located in the Federal Administration's files was approximately 5,000.

“Personal data such as names, email addresses, telephone numbers, and postal addresses were found in 4,779 of these files,” the press release states.

The NCSC found that 278 files contained technical information, including documentation on IT systems, software requirement documents, and architectural descriptions.

A further “121 objects were classified in accordance with the Information Protection Ordinance, and four objects contained readable passwords.”