A ransomware attack on the Swiss non-profit Radix has led to the theft and online publication of sensitive government data. Radix, which carries out projects for various federal offices and public authorities, confirmed that the Sarcoma ransomware group breached its systems on 16 June.

According to the Swiss government, some stolen data has already appeared on the dark web.
Authorities are working with the National Cyber Security Centre (NCSC) to assess which federal offices were impacted and how severely.

While Radix has notified affected individuals, it states there is no evidence that sensitive data from its partner organisations was compromised. However, Sarcoma reportedly leaked 1.3TB of documents online, including financial records, contracts, and private correspondence.

Sarcoma is a relatively new but aggressive cybercrime group that began operating in late 2024. It typically gains access through phishing emails, outdated software vulnerabilities, and supply chain weaknesses.

The group has claimed dozens of victims and is known for publishing stolen data if ransom demands are not met.

However, this marks the second serious incident involving Swiss government data in recent months. In March, the government disclosed that a breach at another third-party provider, Xplain, had exposed tens of thousands of documents containing personal details.

The Swiss authorities are urging continued vigilance as investigations into the Radix breach continue.