1 min

Swiss tax returns available on the darknet

Sensitive tax documents of Swiss citizens and companies were discovered on the darknet on 8 November 2021, presumably after the ransomware hack of a trust company in the Schwyz and Zurich cantons

Cybercrime - November 24, 2021

On 8 November 2021, the Swiss newspaper Le Temps revealed that an investigator exploring the darknet had discovered tax documents of Swiss individuals and companies for the year 2020.

This sensitive data includes, for some clients, their name, address, and social insurance number (AVS), amounts owed to the municipality, canton and Confederation, and payment slips containing precise information on bank accounts and outstanding mortgages.

These tax documents belong to citizens and companies based in the cantons of Zurich, Zug, and Schwyz. According to Le Temps, this leak is the result of the hacking of a fiduciary in the canton of Schwyz that has offices in the canton of Zurich. In Switzerland, a fiduciary is a firm that provides administrative services to natural and artificial persons. Its duties may include managing bank accounts, accounting, and tax returns.

The darknet specialist hypothesises that this fiduciary must have been the victim of ransomware: its files were encrypted and stolen and, as it refused to pay the ransom, the hackers put all or part of these files online on the darknet.

https://www.letemps.ch/economie/exclusif-declarations-dimpots-suisses-circulent-darknet?utm_source=linkedin&utm_medium=share&utm_campaign=article

All change at Killnet: myth or reality?

By Fanny Tan

Known for its distributed denial-of-service (DDoS) attacks on European and North American organisations that support Ukraine, the pro-Russian hacker group announced earlier this year that it was ...

28 July 2023

Kevin Mitnick: death of a legendary hacker

After his cat-and-mouse game with the FBI in the 80s and 90s, he became a cybersecurity consultant.

21 July 2023

Russian officer killed with the help of running app Strava?

Murderers of Captain Vladislav Rjitski, killed while on a jog, may have planned assassination with Strava.

21 July 2023

Cybersecurity expert makes off with 9 million USD in crypto hack

US authorities arrested former Amazon employee keen on leaving country.

10 July 2023

MOVEit vulnerability: the list of victims grows longer

Led by the Clop group, the hack of the managed file transfer software is 2023’s most significant cyber attack to date

10 July 2023

British cybercriminal sentenced to five years in prison in the US

Specialized in SIM swapping, the UK national took part in the 2020 Twitter hack and is guilty of a string of crypto theft and cyber harassment operations

Cyber industrial safety

17 July 2023

Wallix raises €10.5 million

The French specialist in privileged access raised 5.5 million euros in one night only.

04 July 2023

Despite improvements, OT cybersecurity remains a problem

Fortinet’s latest report shows that 75% of manufacturers have suffered at least one intrusion in the last 12 months.

19 June 2023

Critical flaw in Siemens’ energy sector ICS

The vulnerability enables complete takeover of devices and may undermine power grids

19 June 2023

Power grids: Mandiant warns about new malware CosmicEnergy

It is said to be the product of a Russian cybersecurity team, Red Team, which develops malicious tools to stress test industrial computer systems

16 May 2023

Future developments for industrial cybersecurity

A recent ABI Research report addresses likely developments in securing ICS

28 April 2023

Canada: Russian cybercriminals allegedly accessed the natural gas network

The information is among the classified U.S. intelligence documents that were recently leaked

Security and Stability in Cyberspace

22 September 2023

Will orbital data centers soon be a reality?

By Antoine Meunier

Will we one day see special structures for processing digital data orbiting the Earth? As futuristic as it sounds, this possibility is now being considered. Thales Alenia Space (TAS) is working on ...

28 August 2023

Submarine cables: the US-China cold war threatening the global internet

By Stanislas Tarnowski

Beijing may have got off to a good start in installing its submarine internet infrastructures, but the counter-offensive by Washington has successfully blocked the deployment of China’s cables. ...

28 August 2023

North Korean cybercriminals spied on Russian missile manufacturer

Lazarus and ScarCruft have allegedly stolen information from NPO Machinostroyenia, Russia’s largest manufacturer of long-range missiles.

14 August 2023

Widespread Russian cyber espionage campaign on Microsoft Teams

Kremlin-affiliated cybercriminal group orchestrated widespread cyber espionage campaign, infiltrating numerous international organizations, including government agencies

31 July 2023

USA: the White House plans to radically overhaul its national cybersecurity strategy

By Georges Bonfils

In March 2023, the US government unveiled its National Cybersecurity Strategy (NCS), which lays the groundwork for major changes in the way the country protects its cyberspace. Although this document ...

28 July 2023

Millions of emails from US military sent to Mali

The source: a simple typo in the domain name.

Cyber risks

19 September 2023

The quantum apocalypse is not yet upon us, but we need to be ready for it

By Fabrice Deblock

With the advances being made in quantum computing, the risk of one day seeing RSA keys broken by super-powered computers is being taken very seriously on the international stage. The post-quantum ...

18 September 2023

Elections: what cyber risks are lying in wait?

By Fanny Tan

The end of the summer brought with it new revelations of interference, cyber espionage, cyberattacks and other attempts to destabilise elections around the world. Here we take a closer look at three ...

11 September 2023

LinkedIn, another playground for cybercriminals

By Fabrice Deblock

As the world’s leading social media platform, LinkedIn is widely trusted. Yet sometimes, the people certain members of the platform are interacting with may not be who they say they are, especially ...

05 September 2023

Phishing attack uses QR code

Cybercriminals can thus avoid email spam filters.

28 August 2023

AI: a boon for social engineering

By Pascal Coillet-Matillon

Capable as it is of investigating targets and producing convincing “deepfakes”, artificial intelligence (AI) is a boon for launching social engineering attacks. It enables perpetrators to ...

14 August 2023

AI Deciphers Passwords from Keyboard Sounds

British researchers develop an algorithm that recognizes keyboard sounds with a high success rate

Operational security

28 August 2023

Understanding the DORA Directive in five points

By Fabrice Deblock

The DORA (Digital Operational Resilience Act) European Directive will apply to the 27 EU Member States from January 2025 onwards. It is intended to boost the resilience of the financial sector, whose ...

14 August 2023

Microsoft singled out in vulnerability patching

Cybersecurity researcher blames publisher for delay in response to reported flaws

03 August 2023

Canada: what legal framework is there for SOCMINT?

By Fanny Tan

What are the legal boundaries in Canada as regards collecting, analysing and publishing data from social networks? Although SOCMINT is practised widely within the OSINT community, understanding its ...

12 July 2023

How NANO Corp is revolutionising network security with end-to-end observability

By Fabrice Deblock

As networks become increasingly complex and hybrid, unified monitoring is a feature that observability solutions must now offer. Echoing this trend towards end-to-end observability, NANO Corp is ...

10 July 2023

Thales acquires Australian cyber specialist Tesserent

The cyber threat detection and response firm brings with it a large customer base in Australia and New Zealand

28 June 2023

Sekoia.io raises €35 million

French cybersecurity vendor aims to become “European leader” in cyberattack detection and response platforms

Antifraud action

05 September 2023

Messenger to implement default end-to-end encryption

Long-awaited development in wake of illegal abortion controversy in Nebraska Fraud prevention.

28 July 2023

United States: OpenAI under FTC investigation

The US Federal Trade Commission is investigating ChatGPT over claims of misrepresentation.

13 July 2023

Olympic Games: ANSSI argues for “healthy paranoia”

Vincent Strubel, head of ANSSI, goes over security measures for Paris 2024 Games, as well as threats the event faces.

19 June 2023

Canada warns of text message scams

According to Canada’s Anti-Fraud Centre, these scams have led to the theft of 6.5 million Canadian dollars in the first quarter of 2023

19 June 2023

LockBit leaks 8,000 French passports

In mid-May, 2023, the Russian cybercriminal group hacked the Voyageurs du Monde travel agent, who refused to pay the ransom

17 June 2023

Delving into the business of fake code-signing certificates

An investigation by Brian Krebs looks back at the career of a Russian cybercriminal specializing in the trafficking of these precious sesames.

Digital identity & KYC

07 July 2023

European Digital Identity Wallet: text makes progress, but disagreements persist

The European Commission, the European Parliament, and the Council have completed a round of negotiations on this key text for the EU’s digital transformation.

19 June 2023

The Catholic Church in France gives priests digital IDs

It is now possible to verify if priests are authorized to say Mass or hear confession, and thus make sure they are not accused of any sexual crimes

19 June 2023

New fundraising round for Archipels, which welcomes shareholder IN Group

Publicly owned French company Archipels develops digital identity platform based on blockchain

16 May 2023

DocuSign launches AI-assisted ID verification

Named “ID Verification for EU Qualified”, compliant with European Union and United Kingdom regulatory requirements, this solution also relies on human approval

26 April 2023

United States: Senate Passes Digital Identity Bill

A Senate committee has validated the Improving Digital Identity Act, which is intended to enable the deployment of a “trusted and interoperable” identity verification solution

08 March 2023

Africa: Digital identity fraud on the rise

Report on KYC in Africa reveals 28% rise in fraud by 2022

Digital Sovereignty

27 September 2023

Social media fail to counter Russian propaganda

By Stanislas Tarnowski

A study for the European Commission concludes that social media have failed to tackle Russian disinformation campaigns effectively. It describes the tools put in place to measure the scale of ...

21 July 2023

European Commission: former Big Tech lobbyist relinquishes post

Under political pressure, Fiona Scott Morton no longer vying for chief competition economist position.

21 July 2023

Canada: Quebec local government outlines its response to cyber incident

By immediately cutting all Internet connections, the Kativik regional government claims to have prevented any potential data leak.

21 July 2023

Amazon’s turn to notice DSA

The US giant claims it is not a “very large digital platform”, but its arguments are not as convincing as Zalando’s.

07 July 2023

[NANO Corp] Fanch Francis: “To build a European champion, you have to look for customers and investors in Europe from the outset.”

By Fabrice Deblock

For the co-founder and director of NANO Corp, a French company specialising in deep observability, a European champion in this field can only be built by facing up to the realities on the ground ...

29 June 2023

Qwant to be acquired by Octave Klaba and integrated into a global SaaS platform

With the backing of Caisse des Dépôts, the founder of OVHcloud is to create Synfonium, a new entity offering a sovereign alternative to the integrated SaaS solutions of the American giants, which ...

Digital transition

19 September 2023

What is the best environment for a pentest?

By Gabrielle Botbol

Preparing for a penetration test, often shortened to pentest, is crucial for any company or organisation concerned about protecting its digital assets. A key consideration is choosing which ...

05 September 2023

United States: generative AI not subject to copyright law

US courts confirm US Copyright Office decision, challenged by CEO of Imagination Engines.

05 September 2023

OSINT: Tips for keeping ourselves safe online

By Fanny Tan

Before getting started with OSINT, it’s essential to take a few steps to strengthen our online security.

04 September 2023

Trust at the heart of data protection regulations: a common thread in Europe and Canada (Quebec)

By Mes Garance Mathias et Cynthia Chassigneux

European, French and Quebec regulations contain everything needed to create a framework of trust among stakeholders when it comes to data governance. But given the challenges of cybersecurity and ...

14 August 2023

Negligence at Quebec Ministry of Cybersecurity

Employee sent confidential information regarding 529 employees to a personal inbox during her transfer to a different government body

31 July 2023

Cyber-resilience in African microfinance is still low

By Marc Auxenfants

Although only 10 or 15% of Africans have a bank account, the continent’s financial institutions are still confronted with a systemic cyber-risk. In the face of such challenges, the Africa ...

Swiss tax returns available on the darknet

Read also