The Swiss authorities has issued a warning after a third-party service supplier suffered a ransomware assault, which noticed delicate data stolen from its programs and leaked onto the darkish internet.
Radix a non-profit well being basis, works with varied federal administrations throughout Switzerland in areas akin to selling good vitamin, wholesome train, and serving to people take care of dependancy, and psychological and sexual well being points.
In keeping with a assertion issued by Radix, the organisation suffered a cyber assault on June 16 “regardless of its excessive safety requirements.”
Radix defined that the Sarcoma ransomware group had susequently revealed the stolen information on its darkish internet leak website on June 29 2025.
Positive sufficient, when you go to Sarcoma’s leak website you can find Radix listed amongst its latest victims, and a free-to-download hyperlink to what seems to be a 1.3TB price of scanned paperwork, contracts, communications, and monetary paperwork.
Who’s the Sarcoma ransomware group?
Sarcoma is a comparatively new ransomware group, having first emerged final 12 months, and shortly claiming a lot of excessive profile victims together with Taiwanese printed circuit board (PCB) producer Unimicron and print group TMA.
In keeping with a Bleeping Laptop report, Sarcoma sometimes breaks into organisations by focused phishing emails, the exploitation of previous vulnerabilities, and supply-chain assaults. As soon as throughout the organisation, they may reap the benefits of RDP connections to maneuver laterally, discovering extra programs to compromise and information information to exfiltrate and finally encrypt.
Information information encrypted by Sarcoma are simply identifiable by the ransomware altering their names to have a .sarcoma extension.
Radix says that it revoked entry to the delicate information as quickly because the assault was found, and that it will likely be restoring encrypted information from backups.
It makes a degree of claiming that it has knowledgeable indviduals impacted by the breach and says that presently it doesn’t believed that delicate information from companion organisations has been included within the malicious hackers’ haul.
For its half, the Swiss authorities says that it’s presently investigating “the particular models and information affected by the assault”, and that “as Radix has no direct entry to Federal Administration programs, the attackers didn’t acquire entry to those programs at any time.”
The truth that the Sarcoma group has determined to leak the stolen information means that no ransom has been paid to the criminals.
Radix is advising people to stay vigilant over the approaching months, as cybercriminals might try to use the leaked data to conduct phishing assaults, id theft, and different types of assault.
However there are classes right here for organisations too. And certainly one of them is that vendor danger assessments matter. You shouldn’t simply audit your corporation’s personal safety, but additionally scrutinise the safety practices of your suppliers too. Ask them what they’re doing to make sure that their defences are hardened as a lot as attainable to stop the potential for an assault.
And, remember that incident response plans should additionally embody your suppliers. If a companion is hit, as within the case with this assault in opposition to Radix, your organisation should be ready to behave shortly and talk clearly to all of those that could also be impacted.
Editor’s Be aware: The opinions expressed on this and different visitor creator articles are solely these of the contributor and don’t essentially mirror these of Fortra.
