Ransomware Attacks count rises with Comparis.ch Breach

Swiss-based insurance and mortgage comparison company Comparis.ch has fallen victim to ransomware attack on Wednesday and shut down its website on Thursday out of fear of customer data breach.

Comparis.ch is a price and product comparison platforms in Switzerland, specializing in products of health insurers prices, insurance companies’ prices, alongside banks and telecom providers.

On Wednesday July 7, the ransomware attack hit the company’s website and by Thursday it was completely shut by the hackers. By Friday, the Swiss company had already taken legal actions against the attack inflicted on it.

Since the cyberbreach, the comparison company has managed to restore and bring back the website’s accessibility. Yet, despite the assured safety of the company’s major customer databases, the same thing cannot be said about its sister company Credaris.

Credaris is an independent credit service provider, offering easy access to loans.

Accordingly, the initial evaluation of the attack indicates that perpetrators had access to specific customer data of the credit service company Cedaris.  

“As far as we know, most databases do not seem to be affected by the incident. Unfortunately, first detailed analyses suggest that the perpetrators had access to certain customer-relevant data of sister company Credaris, whose systems are partly operated in the same server environment,” was quoted as saying in a statement.

The Swiss price comparison site got shut down on Thursday after anonymous ransomware attackers demanded $400,000 in cryptocurrencies to bring it back online in full function.

Despite the complaints filed by both sister companies, Comparis and Credaris, both of their grievances are against anonymous perpetrators as they are yet to be identified. In the meantime, Comparis experts are working with outside cybersecurity specialists to maintain full recovery of all its systems.

Since most pervious ransomware – the ransomware attack that targeted Florida-based IT firm Kaseya – REvil is considered one of the main suspects regarding this breach, yet no official confirmation has been released.

Nevertheless, the comparison company Comparis.ch did not abide by the attackers’ rules and demands and refused to pay the requested crypto ransom of $400,000 to reclaim the site’s functionality.

Presently, in spite of the company’s announcement regarding its website’s recovery from cyber invaders, accessing Comparis via e-mail and customer has been put on hold until cybersecurity specialists settle the website’s full recovery.

In the overtaking atmosphere of ransom attacks, another perpetrated cyber incident took place in Southeastern Asia. 

Following the Kaseya and Comparis breaches, another cyberattack occurred on Friday July 9,concerning an Iranian railroad system cyberattack.

Similarly, like most of the previously covered ransomware attacks, the company was informed of the attack through displayed messages stating “long delayed because of cyberattack” or “cancelled” on their systems boards.

As reported by the Semiofficial Fars news agency, the hack resulted in “unprecedented chaos” at Iranian rail stations where trains across the state lost their electronic tracking system.

However, following the state’s spokesman for its railway, Fars soon after subtracted its report and instead quoted the spokesman by stating the imposed disruption did not cause any severe problems for the train services.

With the expanded frequency and success of ransomware attacks worldwide, well-known cyberbreaches will keep making headlines until a shift in action takes place to hinder its growth and influence.