Last week’s ransomware attack on Swiss price comparison website Comparis resulted in a data breach and client data was most probably stolen, say Zurich police.
This content was published on July 15, 2021 – 16:30
Last Wednesday Comparis.ch, which has 80 million visits a year, was shut down by ransomware attackers demanding $400,000 (CHF370,000) in cryptocurrencies to put it back online. By Friday the website was operational again. A Comparis spokesman told SWI swissinfo.ch that no ransom had been paid.
The company initially said it believed that no customer data had been breached. However, on Wednesday, a week after the attack, Zurich cantonal police said detailed analyses had shown that the perpetrators of the attack had access to certain internal customer data belonging to Comparis.
The investigators assume that certain data was stolen. This includes customer data of Credaris AG, a Comparis subsidiary. The company said in a statement that it had directly informed those potentially affected. It strongly recommends customers change their password as a precaution.
The identity or location of the cyberattackers is not known and the ransom demand took the form of a URL implanted in a secure area of the IT system. Comparis has filed a criminal complaint over the attack.
Comparis.ch is used by consumers to compare prices on the likes of insurance and mortgage deals.
Ransomware attacks appear to be getting more frequent and having greater success worldwide.
High-profile cases have also been making headlines: for example, when thousands of companies worldwide, including a supermarket chain in Sweden, were paralysed by a recent attack on United States IT services provider Kaseya.
US oil and gas company Colonial Pipeline was hit in May and had to pay a bitcoin ransom to get supplies back online, although the FBI said it had since recovered most of the cryptocurrency that was paid.
Last month the world’s largest meat processor, JBL, faced major disruption to its operations before paying a ransom demand.
In Switzerland, rail company Stadler was attacked last year and suffered confidential data being made public because it refused to pay up.