Swiss procurement service supplier Chain IQ has confirmed falling sufferer to a cyberattack that led to the theft of buyer knowledge.
The Zug, Switzerland-based agency says it realized of the incident after a risk actor revealed knowledge allegedly stolen from its methods on the darkish net.
“On June 12, 2025, Chain IQ, together with 19 different corporations, was the goal of a cyberattack that had by no means earlier than been seen on a worldwide scale. This cyberattack resulted in knowledge theft. Information from some Chain IQ prospects was revealed on the darkish net,” the corporate says in an incident discover.
Chain IQ says it instantly activated its response plan and checked all related methods, and notified prospects, workers, and accomplice corporations, in addition to the related authorities.
“The incident was contained after 8 hours and 45 minutes by revoking the attackers’ entry to the affected surroundings,” the corporate says.
Chain IQ stated no financial institution buyer knowledge was compromised within the incident, however confirmed that the attackers exfiltrated “knowledge containing worker enterprise contact particulars of chosen shoppers”, together with consumer workers’ cellphone numbers.
In response to native media, Swiss monetary teams UBS and Pictet, in addition to Manor, and actual property and development companies firm Implenia had been impacted.
Responding to a SecurityWeek inquiry, UBS confirmed the affect from the incident, however stated that no consumer knowledge was stolen within the assault.Commercial. Scroll to proceed studying.
“A cyber-attack at an exterior provider has led to details about UBS and a number of other different corporations being stolen. No consumer knowledge has been affected. As quickly as UBS turned conscious of the incident, it took swift and decisive motion to keep away from any affect on its operations,” UBS stated.
The assault on Chain IQ was claimed by the ransomware group Worldleaks, which added the corporate to its Tor-based leak web site on June 11, claiming the theft of roughly 910 GB of information, or greater than 1.9 million information.
“Exterior suppliers have grow to be some of the readily attacked, compromised, and exploited organizations that we take care of,” Neovera VP Paul Underwood stated in an emailed remark.
“Though in an announcement it was reported that no consumer knowledge was concerned within the cyberattack, it doesn’t imply that the cyberattack doesn’t have worth to not solely the attacker however to what probably may occur sooner or later to those organizations that had been affected,” Underwood continued.
Associated: Krispy Kreme Confirms Information Breach After Ransomware Assault
Associated: Anubis Ransomware Packs a Wiper to Completely Delete Recordsdata
Associated: Fog Ransomware Assault Employs Uncommon Instruments
Associated: Delicate Data Stolen in Sensata Ransomware Assault
