FILE PHOTO: A logo of Swiss bank UBS is seen in Zurich, Switzerland, May 1, 2025. REUTERS/Denis Balibouse/File Photo
ZURICH (Reuters) -Swiss banks UBS and Pictet said on Wednesday they had suffered a data leak due to a cyber attack on a provider in Switzerland that did not compromise client information, although a report said thousands of UBS workers' data was affected.
Swiss newspaper Le Temps said that files containing details of tens of thousands of UBS employees were stolen from the Baar-based business service company Chain IQ, whose website lists KPMG and Mizuho among its clients.
"A cyber attack at an external supplier has led to information about UBS and several other companies being stolen. No client data has been affected," UBS said.
"As soon as UBS became aware of the incident, it took swift and decisive action to avoid any impact on its operations."
The leaked cache also included the number of a direct internal line to UBS CEO Sergio Ermotti, Le Temps reported.
Chain IQ said it and 19 other companies were targeted in the attack, resulting in leaked data being published online on the darknet - a part of the internet not accessible through standard search engines.
Steps and countermeasures were promptly taken and the situation was contained, it said in a statement.
Swiss financial market regulator Finma said it was aware of the incident and was handling it in line with established procedures.
In a statement, KPMG said its infrastructure has not been affected by the cyber attack, but that it had put added safeguards in place after news of the leak.
Chain IQ, which said the data was published on the afternoon of June 12, said that it could not provide any information on potential ransom demands or interactions with the attackers for security and investigative reasons.
Private bank Pictet said the information stolen did not contain its client data and was limited to invoice information with some of the bank's suppliers, such as technology providers and external consultants.
Pictet said it took data breaches seriously and had protocols and agreements in place to stop unauthorised access.
The attack was a reminder that third parties can leave even the biggest institutions exposed and that could have a potential long-term impact on Swiss banking, said Ilia Kolochenko, CEO of a Swiss-based security firm ImmuniWeb.
(Reporting by Oliver HirtWriting by Dave GrahamEditing by Tomasz Janowski, Bernadette Baum and Elaine Hardcastle)
