Swiss Government Hit by Cyberattack Targeting Health Foundation

The Swiss federal administration has confirmed it was significantly impacted by a recent cyberattack targeting Radix, a non-profit health foundation. This incident, which involved both the theft and encryption of sensitive data, has led to some compromised information appearing on the dark web, raising serious concerns about data security and the vulnerabilities inherent in third-party service providers.

Radix, a key service provider for various federal offices, became the unwitting conduit through which government data was exposed. While Swiss federal authorities have emphasised that the attackers did not directly breach state-run data systems, the reliance on Radix for certain services meant that government-related information was nonetheless compromised. The full extent of the damage is still under investigation, with authorities diligently working to identify the specific federal units and data sets that have been affected.

This incident underscores a broader pattern of cyber threats targeting Switzerland. Reports indicate that sensitive information belonging to Swiss politicians, including official email accounts and passwords, has previously surfaced on the darknet. Investigations have revealed instances where public officials used their government email addresses to register for various third-party services, including professional networking sites like LinkedIn, cloud storage platforms like Dropbox, and even, in some cases, dating or adult websites. Such practices create critical vulnerabilities, allowing attackers to link personal and potentially sensitive online activity to high-value government identities.

The Radix attack follows other significant cybersecurity challenges for the Swiss government. In 2025, the federal administration experienced distributed denial-of-service (DDoS) attacks that temporarily knocked government websites and services offline. Furthermore, in 2024, the Play ransomware group successfully exfiltrated approximately 65,000 government documents from Xplain, another IT service provider for the federal administration. These incidents highlight the persistent and evolving nature of cyber threats faced by national institutions.

In the wake of the Radix breach, the Swiss authorities are working to understand the full implications and mitigate further risks. This event serves as a stark reminder for all organisations, especially those handling sensitive government data, of the critical need for robust cybersecurity measures, stringent third-party vendor risk management, and continuous education on best practices for data protection.

The ongoing efforts aim to bolster the nation's digital defenses against an increasingly sophisticated landscape of cyber adversaries