The Swiss authorities has issued a warning after a third-party service supplier suffered a ransomware assault, which noticed delicate info stolen from its techniques and leaked onto the darkish net.
Radix a non-profit well being basis, works with numerous federal administrations throughout Switzerland in areas corresponding to selling good diet, wholesome train, and serving to people take care of habit, and psychological and sexual well being points.
Based on a statement issued by Radix, the organisation suffered a cyber assault on June 16 “regardless of its excessive safety requirements.”
Radix defined that the Sarcoma ransomware group had susequently revealed the stolen knowledge on its darkish net leak web site on June 29 2025.
Certain sufficient, in case you go to Sarcoma’s leak web site one can find Radix listed amongst its current victims, and a free-to-download hyperlink to what seems to be a 1.3TB price of scanned paperwork, contracts, communications, and monetary paperwork.
Who’s the Sarcoma ransomware group?
Sarcoma is a comparatively new ransomware group, having first emerged final yr, and rapidly claiming plenty of excessive profile victims together with Taiwanese printed circuit board (PCB) producer Unimicron and print group TMA.
Based on a Bleeping Laptop report, Sarcoma usually breaks into organisations via focused phishing emails, the exploitation of previous vulnerabilities, and supply-chain assaults. As soon as throughout the organisation, they’ll reap the benefits of RDP connections to maneuver laterally, discovering extra techniques to compromise and knowledge information to exfiltrate and in the end encrypt.
Knowledge information encrypted by Sarcoma are simply identifiable by the ransomware altering their names to have a .sarcoma extension.
Radix says that it revoked entry to the delicate knowledge as quickly because the assault was found, and that it will likely be restoring encrypted knowledge from backups.
It makes a degree of claiming that it has knowledgeable indviduals impacted by the breach and says that presently it doesn’t believed that delicate knowledge from associate organisations has been included within the malicious hackers’ haul.
For its half, the Swiss authorities says that it’s at present investigating “the precise models and knowledge affected by the assault”, and that “as Radix has no direct entry to Federal Administration techniques, the attackers didn’t achieve entry to those techniques at any time.”
The truth that the Sarcoma group has determined to leak the stolen knowledge means that no ransom has been paid to the criminals.
Radix is advising people to stay vigilant over the approaching months, as cybercriminals might try to use the leaked info to conduct phishing assaults, identification theft, and different types of assault.
However there are classes right here for organisations too. And one in all them is that vendor threat assessments matter. You shouldn’t simply audit your small business’s personal safety, but additionally scrutinise the security practices of your suppliers too. Ask them what they’re doing to make sure that their defences are hardened as a lot as potential to forestall the opportunity of an assault.
And, do not forget that incident response plans should additionally embody your suppliers. If a associate is hit, as within the case with this assault in opposition to Radix, your organisation should be ready to behave rapidly and talk clearly to all of those that could also be impacted.
Editor’s Notice: The opinions expressed on this and different visitor writer articles are solely these of the contributor and don’t essentially replicate these of Fortra.
