Swiss School Photos Stolen in Cyberattack on German Firm, Threatened for Darknet Release
In mid-May, cybercriminals stole thousands of school photographs of Swiss students after breaching Portraitbox GmbH, a German company specializing in photo sales for professional photographers. The attackers accessed password-protected online galleries and threatened to publish the images on the darknet, according to Swiss news outlet Watson.
The Swiss Federal Data Protection and Information Commissioner (PFPDT) confirmed the incident, noting that the breach affects a significant number of individuals in Switzerland, as many local school photographers rely on Portraitbox’s services. The PFPDT reported receiving data breach notifications from photographers handling both individual and bulk orders, including those from schools.
Photographers have been instructed to notify affected parents through websites, emails, or direct communication with schools. Swiss authorities remain in contact with their German counterparts, with North Rhine-Westphalia’s data protection authority now overseeing the investigation. The full scope of the breach and potential misuse of the stolen images remains under assessment.
Pictrs GmbH cybersecurity rating report: https://www.rankiteo.com/company/pictrs-gmbh
"id": "PIC1779992704",
"linkid": "pictrs-gmbh",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Swiss students and schools '
'(number unspecified)',
'industry': 'Photography Services',
'location': 'Germany',
'name': 'Portraitbox GmbH',
'type': 'Company'},
{'customers_affected': 'Thousands of students',
'industry': 'Education/Photography',
'location': 'Switzerland',
'name': 'Swiss schools and photographers',
'type': 'Customers/Third Parties'}],
'attack_vector': 'Unknown',
'customer_advisories': 'Parents notified via photographers or schools',
'data_breach': {'data_exfiltration': 'Yes (threatened for darknet release)',
'file_types_exposed': 'Images (unspecified format)',
'number_of_records_exposed': 'Thousands',
'personally_identifiable_information': 'Potential (if '
'metadata or linked '
'records contained '
'PII)',
'sensitivity_of_data': 'High (images of minors)',
'type_of_data_compromised': 'School photographs'},
'date_detected': '2024-05',
'description': 'In mid-May, cybercriminals stole thousands of school '
'photographs of Swiss students after breaching *Portraitbox '
'GmbH*, a German company specializing in photo sales for '
'professional photographers. The attackers accessed '
'password-protected online galleries and threatened to publish '
'the images on the darknet.',
'impact': {'brand_reputation_impact': 'Likely significant',
'data_compromised': 'Thousands of school photographs',
'identity_theft_risk': 'Potential (if PII was exposed)',
'legal_liabilities': 'Potential under GDPR and Swiss data '
'protection laws',
'systems_affected': 'Password-protected online galleries'},
'investigation_status': 'Ongoing (under assessment)',
'motivation': 'Extortion (threatened darknet release)',
'ransomware': {'data_exfiltration': 'Yes'},
'references': [{'source': 'Watson (Swiss news outlet)'},
{'source': 'Swiss Federal Data Protection and Information '
'Commissioner (PFPDT)'}],
'regulatory_compliance': {'regulations_violated': ['GDPR',
'Swiss Federal Data '
'Protection Act'],
'regulatory_notifications': 'Swiss PFPDT and North '
'Rhine-Westphalia data '
'protection authority '
'notified'},
'response': {'communication_strategy': 'Photographers instructed to notify '
'affected parents via websites, '
'emails, or direct communication with '
'schools'},
'stakeholder_advisories': 'Swiss authorities in contact with German '
'counterparts; photographers instructed to notify '
'affected parents',
'threat_actor': 'Cybercriminals',
'title': 'Swiss School Photos Stolen in Cyberattack on German Firm, '
'Threatened for Darknet Release',
'type': 'Data Breach'}