The cyber attack on the Bernese IT firm Xplain, which offers its services to various federal and cantonal government offices, was investigated by Swiss authorities.
On a Darknet forum, threat actors have already posted information they claim to have stolen from the Federal Office of Police (Fedpol) and the Federal Office for Customs and Border Security (FOCBS).
According to local media, the company's systems were compromised by intruders who took advantage of a vulnerability.
A Fedpol spokesman stated that the agency's projects were not compromised and that Xplain had informed Fedpol of the incident a few days prior.
Source: https://securityaffairs.com/147047/data-breach/fedpol-swiss-police-cyber-attack.html
TPRM report: https://scoringcyber.rankiteo.com/company/xplaingroup
"id": "xpl01012623",
"linkid": "xplaingroup",
"type": "Breach",
"date": "06/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{
    'affected_entities': [
        {
            'customers_affected': [
                'Federal Office of Police (Fedpol)',
                'Federal Office for Customs and Border Security (FOCBS)',
            ],
            'industry': 'Information Technology',
            'location': 'Bernese',
            'name': 'Xplain',
            'type': 'IT Firm',
        }
    ],
    'description': "The cyber attack on the Bernese IT firm Xplain, which offers its services to various federal and cantonal government offices, was investigated by Swiss authorities. On a Darknet forum, threat actors have already posted information they claim to have stolen from the Federal Office of Police (Fedpol) and the Federal Office for Customs and Border Security (FOCBS). According to local media, the company's systems were compromised by intruders who took advantage of a vulnerability. A Fedpol spokesman stated that the agency's projects were not compromised and that Xplain had informed Fedpol of the incident a few days prior.",
    'impact': {
        'data_compromised': [
            'Federal Office of Police (Fedpol)',
            'Federal Office for Customs and Border Security (FOCBS)',
        ]
    },
    'initial_access_broker': {
        'data_sold_on_dark_web': [
            'Federal Office of Police (Fedpol)',
            'Federal Office for Customs and Border Security (FOCBS)',
        ]
    },
    'references': [{'source': 'Local media'}],
    'response': {'law_enforcement_notified': ['Swiss authorities']},
    'title': 'Cyber Attack on Bernese IT Firm Xplain',
    'type': 'Cyber Attack',
    'vulnerability_exploited': 'Unspecified vulnerability',
}