Ransomware cyber

UBS

Jun 19, 2025 1 min read
UBS

Global banking giant UBS has suffered a data breach following a cyber-attack on a third-party supplier. Information about 130,000 UBS employees, including their business contact details, job roles, locations, and floor information, was published on the dark web by a ransomware group called World Leaks. The breach did not impact customer data or operations, but the direct phone number of UBS CEO Sergio Ermotti was included in the published data.

Source: https://www.infosecurity-magazine.com/news/ubs-employee-data-exposed-third/

TPRM report: https://scoringcyber.rankiteo.com/company/ubs

"id": "ubs604061925",
"linkid": "ubs",
"type": "Ransomware",
"date": "6/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Financial Services',
                        'location': 'Switzerland',
                        'name': 'UBS',
                        'type': 'Bank'},
                       {'industry': 'Financial Services',
                        'location': 'Switzerland',
                        'name': 'Pictet',
                        'type': 'Bank'},
                       {'industry': 'Services',
                        'location': 'Switzerland',
                        'name': 'Chain IQ',
                        'type': 'Procurement Service Provider'}],
 'attack_vector': 'Third-party supplier compromise',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 130000,
                 'personally_identifiable_information': True,
                 'type_of_data_compromised': ['Business contact details',
                                              'Job roles',
                                              'Locations']},
 'date_detected': '2023-06-12',
 'date_publicly_disclosed': '2023-06-12',
 'description': 'Global banking giant UBS has suffered a data breach following '
                'a cyber-attack on a third-party supplier, Chain IQ. '
                'Information about 130,000 UBS employees was published on the '
                'dark web by a ransomware group called World Leaks. The data '
                'included business contact details, job roles, and locations. '
                'UBS confirmed that no client data was affected.',
 'impact': {'data_compromised': ['Business contact details',
                                 'Job roles',
                                 'Locations']},
 'initial_access_broker': {'data_sold_on_dark_web': True},
 'investigation_status': 'Ongoing',
 'motivation': 'Data exfiltration and potential ransom demand',
 'ransomware': {'data_exfiltration': True},
 'references': [{'source': 'Infosecurity'}],
 'response': {'containment_measures': ['Strengthened security of relevant '
                                       'systems'],
              'law_enforcement_notified': True},
 'threat_actor': 'World Leaks (Hunters International)',
 'title': 'UBS Data Breach via Third-Party Supplier',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.