Swiss banks UBS and Pictet confirmed this week that a third-party cyberattack led to a leak of internal company data, highlighting the growing threat of supply chain vulnerabilities in financial services.
The breach stemmed from an attack on Chain IQ, a Baar-based procurement services provider. Chain IQ said it was one of 20 organisations targeted in a sophisticated intrusion that leveraged techniques “never before seen on a global scale.”
UBS moved quickly to reassure stakeholders.
“A cyber attack at an external supplier has led to information about UBS and several other companies being stolen. No client data has been affected,” the bank said in a statement. “As soon as UBS became aware of the incident, it took swift and decisive action to avoid any impact on its operations.”
Details of Tens of Thousands of Employees
Swiss newspaper Le Temps reported that the stolen data includes details of tens of thousands of UBS employees. Among the records leaked was a direct internal line to UBS CEO Sergio Ermotti.
Pictet, a private bank, said it was also affected. It stressed that no client information was compromised. The stolen data included invoice-related files tied to external suppliers such as IT vendors and consultants. “We take data breaches seriously,” Pictet said, citing internal protocols aimed at preventing unauthorised access.
Chain IQ confirmed that some customer data was exfiltrated and published on the darknet, an anonymous part of the internet where illicit material is often traded.
“Immediately after the data was published on Thursday, June 12, 2025, at 5:15 p.m. CET, all relevant systems were checked, secured, and protective measures were strengthened,” the company said.
Law enforcement was notified and containment was achieved after 8 hours and 45 minutes, according to Chain IQ’s statement. The company said it informed affected customers, partners, and employees on the same day, and continues to work with cybersecurity firms InfoGuard and Kyndryl on remediation.
No Bank Customer Data Stolen
Chain IQ emphasised that it does not hold any data related to its customers’ core banking operations. “Accordingly, no bank customer data was stolen in this attack,” it said. However, some employee business contact details (such as internal telephone numbers) were accessed and leaked.
Swiss financial regulator FINMA acknowledged awareness of the incident and is addressing it according to standard procedures.
While firms like KPMG, also listed as a Chain IQ client, confirmed their infrastructure had not been affected, the incident has reignited concerns about the long tail of cybersecurity risk in banking.
Chain IQ stated it would not comment on any ransom demands or negotiations, citing ongoing investigations and security protocols.
The breach, although limited in scope, is a reminder that even the world’s most secure banks cannot afford to overlook the risk beyond their walls.
Adopt an ‘Assume Breach’ Mindset
Piyush Pandey, CEO at Pathlock , says the leakage of personal employee data, including a direct internal line to the CEO, is particularly concerning amid the current wave of sophisticated social engineering attacks. “There are multiple ways criminals could misuse this information, underscoring the need for the company to enhance its cybersecurity resilience. Attacks targeting senior leadership are especially bold, as they aim to gain access to critical systems and business processes to disrupt operations or commit fraud.”
In a world of escalating cyber threats, Pandey says that organizations should adopt an ‘assume breach’ mindset, investing not only in preventive measures but also in controls that ensure attacks can be quickly detected, contained, and remediated. “This approach helps terminate the malicious activity at an early stage and supports faster recovery.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.