Army and ministers among millions of hacked Swiss E-mails

There are more than three million Swiss accounts in a database of hacked E-mail information circulating on the Web since January. Keystone

Millions of Swiss E-mail addresses and hacked passwords are circulating on the Internet, including for accounts of government ministers, members of the army and thousands of federal employees, according to Swiss broadcasters RTS and SRF.

This content was published on March 6, 2019 - 19:38
RTS and SRF/jc

The report is based on their analysisExternal link of “Collection #1-5", a database of stolen passwords and nearly 2.2 billion E-mail addresses that started circulating on the Web in January. Among them are 3.3 million addresses ending in the Swiss

These include three federal government members and at least 20 members of cantonal governments, as well as the current head of the army Philippe Rebord. Around one-fifth of the 2,500 federal addresses affected belong to the Swiss armed forces.

Army spokesman Daniel Reist told SRF that the army is aware of the problem and that the employees concerned had been personally informed in January. “In order to minimize risk and increase private security, we recommend changing as many passwords as possible,” he said.

SRF notes that the risk for the army could be classified as low since these were private accounts. It also said that because the army uses several factors to log into its systems, passwords alone are of little value to attackers.

+ Read more on army efforts to boost cybersecurity

Foreign minister Ignazio Cassis is among the federal government members figuring in the hacked account information. RTS says it identified three addresses for Cassis, including two former official addresses, which all used the same password.

When contacted by RTS, Cassis stated that only his private address is still active and that the password was not valid for that address. He added that his professional E-mails were “managed by federal specialists and meet high security criteria”.

This database does not necessarily provide direct access to users’ inboxes, and some of the information relates to accounts hacked years ago, but they do open gaps in security, especially for people who often use the same password for different services, writes RTS. 

This article was automatically imported from our old content management system. If you see any display errors, please let us know:

Share this story

Join the conversation!

With a SWI account, you have the opportunity to contribute on our website.

You can Login or register here.