Freely subscribe to our NEWSLETTER

“Before the exact scope of the alleged data breach is known and verified, it would be premature to make final conclusions. However, based on the publicly available data, this data breach may have a disastrous and long-lasting impact on the Swiss banking industry – given that UBS is the largest financial institution of the country.
"The reportedly stolen information of bank employees can be exploited in sophisticated scams, fraud and phishing attacks, artfully impersonating bank employees and stealing sensitive data or even funds of its clients. The wide availability of GenAI tools, capable of impeccably impersonating voices and even videos, may certainly amplify the consequences of the data breach. Worse, some of the stolen data may be exploited to blackmail bank employees or even facilitate money laundering via sophisticated social engineering operations.
"An urgent investigation is required in collaboration with both law enforcement and private sector to establish the precise timeline, scope and thus the foreseeable consequences of the data breach. UBS should likewise urgently consider taking some preliminary measures, for example, by notifying the impacted employees and customers about the possible risks, to prevent damage.
"From the technical viewpoint, this incident is a grim reminder that third parties are the Achilles’ Heel even of the largest financial institutions. From the legal viewpoint, the question of liability is complex, however, it is perfectly possible that the bank may eventually be liable to the victims for the damage suffered as a result of the attack.”