Report finds mistakes which led to Swiss government data breach 

Mistakes were made by both the government and the internet company Xplain in the case of a criminal cyber-attack on the Bern-based IT business, the Federal Data Protection Commissioner (FDPIC) said on Wednesday. Three reports by the FDPIC said that neither the Federal Office of Police (Fedpol) nor the Federal Office of Customs and Border Security (FOCBS) had clearly agreed with Xplain the conditions under which personal data could be stored on the latter’s servers as part of support services. In addition, Xplain had not taken any appropriate measures to ensure data security or information protection, the reports said. + Read more: how vulnerable is Switzerland to cyber-attacks? The government meanwhile said on Wednesday that it had decided on various measures to prevent future data outflows from the government to IT suppliers. In the cyberattack on Xplain, hackers targeted a vulnerability on the IT service provider’s servers with ransomware and stole data from the federal ...