Switzerland has officially confirmed that sensitive information from several federal offices has been impacted by a ransomware attack targeting the third-party organization Radix, a Zurich-based non-profit health foundation. The attack, which occurred on June 16, 2025, resulted in both the theft and encryption of data. Hackers subsequently leaked the stolen data on the dark web, with reports indicating that the Sarcoma ransomware group claimed responsibility and published approximately 1.3 TB of data in several compressed archives.
Radix provides services to various federal offices, which explains the government’s connection to the incident. However, Swiss authorities emphasized that the attackers did not directly breach state-run data systems, as Radix itself does not have direct access to these systems. The National Cyber Security Centre (NCSC) is currently analyzing the leaked data to determine which specific government agencies and types of information have been affected.
The incident highlights the risks posed by third-party service providers in government supply chains and underscores ongoing challenges in protecting sensitive data from sophisticated cyber threats. Authorities are working to identify the full scope of the breach and assess its impact on individuals and government operations.
