National Security News

Swiss politicians’ accounts hacked – investigation by Proton and Constella reveals

(Source – Proton)

By Sean Rayment

Sensitive information belonging to Swiss politicians has surfaced on the darknet, according to the newspaper Tages-Anzeiger.

An investigation by Swiss technology company Proton and US firm Constella Intelligence, a leading cybersecurity company, reveals that around 16 per cent of members of the Federal Council, National Council, and Council of States are affected. A total of 44 email accounts and 78 passwords were discovered.

According to Proton, many politicians had used their official email addresses to register on platforms such as LinkedIn, Dropbox, or Adobe—services that were later hacked.

Embarrassingly, three politicians reportedly used their parliamentary email addresses to sign up for dating or adult websites.

One of the politicians whose accounts were compromised has been named, though Proton is not disclosing any further details. Those affected have been informed so they can take remedial action.

The breach underscores the critical need for robust cybersecurity measures for all online users—from private citizens to government officials.

Although individual accounts were compromised, Swiss parliamentary services have stated that the official @parl.ch mailboxes were not affected. These accounts are protected by multi-level security protocols and are regularly monitored, according to Swiss authorities. In addition, regular cybersecurity awareness campaigns are conducted during parliamentary sessions.

However, according to Proton, beyond email addresses and passwords, other personal information—including phone numbers, credit card details, and home addresses—has also appeared on the darknet. Previous studies suggest that similar vulnerabilities exist in other countries.

Cybersecurity expert Nicolas Mayencourt sees the findings as indicative of a widespread lack of awareness. Speaking to Tages-Anzeiger, he warned that personal data remains dangerously accessible and called for the strict separation of personal and official accounts, as well as the use of password managers and multi-factor authentication.

Alberto Casares, Chief Technology Officer at Constella Intelligence, told National Security News last year that terrorists and state actors have developed tools capable of automatically scanning computer systems for vulnerabilities.

Once weaknesses are identified, attackers can target victims using specific types of malware known as “info-stealers.”

He explained: “What we’ve seen in recent months is that these threat actors are increasingly using techniques focused on targeting Israeli citizens and critical infrastructure.

“In some cases, they exploit information compromised by an info-stealer—a type of malware that extracts data from a device by embedding itself in seemingly legitimate software, including video games or even PDF documents.

“They wait for the victim to click and download the malicious software. Once that happens, the attacker receives an alert and begins analysing the stolen data.

“This malware can access browser history, saved passwords, cookies (which are extremely valuable), and even sensitive documents stored on the device. With this information, the attacker can bypass multi-factor authentication and hijack accounts. It’s a sophisticated form of attack, but alarmingly easy to learn.”

Constella Intelligence is equipped to analyse data from such breaches, and Casares noted that hundreds of breaches occur globally each day.

Despite the growing sophistication of cyberattacks, Casares stressed that organisations can still protect themselves by taking the right precautions.

“First of all,” he said, “awareness is crucial, as most infections occur when users click on or download malicious programs. We’ve even seen legitimate-looking PDF files—copied from authentic sources—used to deliver malware.

“So, the first defence is awareness. Be careful not to click on or download files from suspicious websites.

“The second is to ensure your software is kept up to date and you are using antivirus protection. These are some of the most effective defences against cyberattacks.”