- Ransomware operators Sarcoma recently breached Radix
- As a result, Swiss government files were posted on the dark web
- Radix claims it retained intact backups
Multiple agencies of the Swiss federal government were affected by a supply chain attack that trickled down from Radix, a non-profit organization in the health promotion sector.
A short announcement published on the Swiss government website noted, “various administrative units of the Federal Administration” were among Radix’s customers.
It was further explained the company fell prey to a ransomware cyberattack in which attackers stole and encrypted data before publishing it on the dark web. After the fallout, Radix notified the National Cyber Security Centre (NCSC), which kicked off an investigation to determine exactly what type of data was affected, and who the victims were.
Sarcoma diagnosis
“As Radix has no direct access to Federal Administration systems, the attackers did not gain entry to these systems at any time,” the government explained.
Radix also issued a statement on its own website, detailing what had happened.
“Unfortunately, we must confirm that despite high security standards and professional support, we have become the victim of a cyberattack,” the machine-translated notification reads. “On June 29, 2025, the hacker group Sarcoma published the stolen data on a leak site.”
Radix further explained the affected people were already notified, and stressed that the data from partner organizations were not compromised.
“Access to the affected data was immediately revoked after the attack was discovered. There was a confirmed data leak, and various data were encrypted. However, RADIX retains all data in an intact state on backups. The exact method of the attack is currently under investigation.”
Claiming all of the data was left intact on backups suggests the company is not interested in paying the ransom demand. This would make sense, since the attackers allegedly already leaked the spoils on the dark web.
Via BleepingComputer