Seco reports cyber attack on EasyGov
The EasyGov platform operated by Seco was attacked by hackers. An unknown perpetrator had succeeded in stealing a list with the names of 130000 companies that had applied for a Covid 19 loan via EasyGov. Seco has taken immediate measures and launched an investigation.
The EasyGov.swiss platform is an online counter for companies operated by the State Secretariat for Economic Affairs Seco. Via EasyGov, official procedures can be handled electronically, such as obtaining permits, registrations or applications. For example, applications for a Covid 19 loan could also be submitted digitally.
Cyberattack on Easygov occurred as early as August
Now it has been revealed that in August 2021, criminal hackers managed to steal a list of names of up to 130,000 companies by means of an automated query, presumably. These companies had applied for Covid 19 credit in 2020, at the height of the pandemic-related economic crisis. According to Seco, companies that have already repaid the loan in full, as well as all confidential company data such as bank details, IBAN numbers, contact persons, etc., were not affected. The credit amount as part of the attacked data collection was also not tapped by the hackers, Seco informs. And the data of the companies registered on EasyGov was also not affected.
As Seco continues, an attack with up to 544,000 accesses per day was detected between August 10 and 22, 2021. A total of 1.3 million queries were made in August. The perpetrators had carried out an automated query based on the UID numbers. From this, a list of companies that have applied for a Covid 19 loan and have not yet repaid it could be created with a high degree of probability.
No more security leaks
Seco reacted immediately. The attacked web interface was closed within a few minutes. "The accessed data was removed from the server and the process used on EasyGov was completely deactivated. The affected Covid 19 credit application correction process was available to companies in the public area of EasyGov without login. In the protected area (i.e. with login), such an automated query is excluded," according to a statement from Seco, which is supported in this matter by the National Cyber Security Center NCSC. Further security leaks are not known.
EasyGov has been in existence since 2017, and the cyberattack now reported is the first such incident. Seco notes that cybersecurity is given high priority at EasyGov. "The cyberattack that occurred is being comprehensively investigated and all necessary measures are being taken to ensure that the platform is secure in the future, even in the public area (without login)," the statement continues.
