Swiss financial institution UBS has confirmed that some of its employee data was compromised and leaked online due to a cybersecurity breach at one of its external service providers. The incident did not impact client information, according to the bank.
The breach came to light after reports surfaced from Swiss media suggesting that data belonging to roughly 130,000 UBS staff members had been exposed online for several days. The compromised records reportedly include employee names, job titles, email addresses, phone numbers, workplace locations, and spoken languages.
UBS stated that it responded immediately upon learning of the breach, taking necessary steps to secure its operations and limit potential risks.
The cyberattack did not directly target UBS but rather a company it works with for procurement and administrative services. This supplier, identified as a former UBS spin-off, confirmed that it had been targeted but did not specify the extent of the data breach or name all affected clients.
A threat group believed to be behind the breach is known for using a form of cyber extortion that involves stealing sensitive data and threatening to publish it unless a ransom is paid. Unlike traditional ransomware attacks, this group reportedly skips the step of encrypting files and focuses solely on the theft and public exposure of stolen information.
So far, only one other company besides UBS has confirmed being impacted
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.