UBS, Pictet Data Leaked in Chain IQ Cyberattack

Swiss banks UBS and Pictet have confirmed that a cyberattack on their procurement service provider, Chain IQ, led to the leak of personal data of about 130,000 UBS employees, including CEO Sergio Ermotti, with the information posted on the darknet. The attack, attributed to the ransomware group Worldleaks (formerly Hunters International), resulted in the leak of 1.9 million files and affected a total of 20 companies. Both UBS and Pictet stated that no client data was compromised; Pictet's breach was limited to supplier invoices. Chain IQ, which serves over 400 major international clients, acted swiftly to contain the breach and has not disclosed details regarding any ransom demands. The incident underscores the increasing risks linked to third-party vendors, as nearly all major banks have reported similar breaches in 2024. Investigations by authorities and the affected companies are ongoing.