Yazılar

UBS and Pictet Report Data Leak Following Cyber Attack on Service Provider; Client Data Safe

/in /tarafından

Swiss banks UBS and Pictet disclosed on Wednesday that they were affected by a data leak caused by a cyber attack on their Swiss-based service provider, Chain IQ. Despite the breach, neither bank reported any compromise of client information.

According to Swiss newspaper Le Temps, tens of thousands of UBS employees’ data, including contact details and a direct internal line to UBS CEO Sergio Ermotti, were stolen. Chain IQ, headquartered in Baar, provides services to major firms including KPMG and Mizuho.

UBS confirmed that the incident involved stolen information related to the bank and other companies, emphasizing that no client data was affected. The bank said it responded quickly to mitigate operational impacts.

Chain IQ revealed that the cyber attack targeted it and 19 other companies, with some data published on the darknet. The firm stated that countermeasures were immediately implemented to contain the situation but declined to comment on ransom demands or communications with attackers due to ongoing investigations.

KPMG, listed as a Chain IQ client, said its infrastructure remained unaffected but enhanced its security protocols in response to the breach.

Pictet reported that only invoice-related information involving some of its suppliers, such as technology providers and consultants, was stolen. The private bank reassured that client data remained secure and stressed the importance of strict controls to prevent unauthorized access.

Swiss financial regulator Finma is overseeing the case according to standard procedures.

Cybersecurity expert Ilia Kolochenko of ImmuniWeb warned that breaches at third-party vendors pose a significant risk even to top financial institutions, potentially affecting the long-term trust in Swiss banking.

Viasat Confirmed as Victim of Chinese Salt Typhoon Cyberespionage Campaign

/in /tarafından

Satellite communications firm Viasat Inc has been identified as a victim of the Salt Typhoon cyberespionage operation linked to China during the 2024 U.S. presidential campaign, Bloomberg News reported on Tuesday, citing sources familiar with the investigation.

The breach was discovered earlier this year. Viasat, working alongside a government investigation and an independent cybersecurity partner, found evidence of unauthorized access through a compromised device but stated there was no evidence of customer data being affected.

“Viasat believes that the incident has been remediated and has not detected any recent activity related to this event,” the company said in a statement.

U.S. officials have previously accused Salt Typhoon hackers of breaching multiple telecom companies—including Verizon, AT&T, and Lumen—stealing sensitive telephone audio intercepts and extensive call records. In December, the government added a ninth unnamed telecom firm to the list of victims, revealing the hackers had broad network access to track millions of individuals and record phone calls.

Reportedly, Salt Typhoon targeted individuals connected to both major presidential campaigns, including those of Democrat Kamala Harris and Republican Donald Trump.

China has denied the allegations, labeling them as disinformation and asserting Beijing’s opposition to cyberattacks and cyber theft.

Costa Rica’s Presidential YouTube Account Restores Control After Cyber Attack

/in /tarafından

The official YouTube account of Costa Rican President Rodrigo Chaves was restored to government control late on Friday after a cyber attack that had disrupted the account for several hours.

In a statement, the presidency confirmed that experts from the president’s office, the Ministry of Science and Technology, and Google worked together to resolve the breach. While the details of the attacker or group responsible remain unclear, the government assured that no sensitive information had been compromised during the incident.

During the attack, the YouTube profile was altered to display a logo with the word “Strategy” followed by a bitcoin symbol. The most recent videos featured content related to cryptocurrency, which the presidential office confirmed did not originate from them.