The Swiss authorities has issued a warning after a third-party service supplier suffered a ransomware assault, which noticed delicate info stolen from its methods and leaked onto the darkish net.
Radix a non-profit well being basis, works with numerous federal administrations throughout Switzerland in areas akin to selling good diet, wholesome train, and serving to people cope with dependancy, and psychological and sexual well being points.
In accordance with a assertion issued by Radix, the organisation suffered a cyber assault on June 16 “regardless of its excessive safety requirements.”
Radix defined that the Sarcoma ransomware group had susequently revealed the stolen information on its darkish net leak web site on June 29 2025.
Positive sufficient, should you go to Sarcoma’s leak web site you can see Radix listed amongst its current victims, and a free-to-download hyperlink to what seems to be a 1.3TB price of scanned paperwork, contracts, communications, and monetary paperwork.
Who’s the Sarcoma ransomware group?
Sarcoma is a comparatively new ransomware group, having first emerged final 12 months, and rapidly claiming quite a lot of excessive profile victims together with Taiwanese printed circuit board (PCB) producer Unimicron and print group TMA.
In accordance with a Bleeping Laptop report, Sarcoma usually breaks into organisations via focused phishing emails, the exploitation of previous vulnerabilities, and supply-chain assaults. As soon as inside the organisation, they’ll reap the benefits of RDP connections to maneuver laterally, discovering extra methods to compromise and information information to exfiltrate and in the end encrypt.
Information information encrypted by Sarcoma are simply identifiable by the ransomware altering their names to have a .sarcoma extension.
Radix says that it revoked entry to the delicate information as quickly because the assault was found, and that it is going to be restoring encrypted information from backups.
It makes a degree of claiming that it has knowledgeable indviduals impacted by the breach and says that presently it doesn’t believed that delicate information from accomplice organisations has been included within the malicious hackers’ haul.
For its half, the Swiss authorities says that it’s presently investigating “the precise models and information affected by the assault”, and that “as Radix has no direct entry to Federal Administration methods, the attackers didn’t acquire entry to those methods at any time.”
The truth that the Sarcoma group has determined to leak the stolen information means that no ransom has been paid to the criminals.
Radix is advising people to stay vigilant over the approaching months, as cybercriminals might try to use the leaked info to conduct phishing assaults, id theft, and different types of assault.
However there are classes right here for organisations too. And one in every of them is that vendor danger assessments matter. You shouldn’t simply audit your online business’s personal safety, but in addition scrutinise the safety practices of your suppliers too. Ask them what they’re doing to make sure that their defences are hardened as a lot as attainable to forestall the potential for an assault.
And, remember that incident response plans should additionally embrace your suppliers. If a accomplice is hit, as within the case with this assault towards Radix, your organisation have to be ready to behave rapidly and talk clearly to all of those that could also be impacted.
Editor’s Be aware: The opinions expressed on this and different visitor writer articles are solely these of the contributor and don’t essentially mirror these of Fortra.
