Comparis.ch Has Been Attacked by Ransomware

On July 14, 2021, ransomware attackers demanded $400,000 in cryptocurrency to reopen the Swiss policy and housing comparison site Comparis.ch.

Comparis.ch is a Swiss pricing and product comparison website that specializes in health providers’ and insurers’ products, as well as banks’ and telecommunications providers’ rates.

Initially, the business stated that it felt no consumer data had been compromised. But, on Wednesday, a week after the incident, Zurich cantonal police stated that thorough examinations revealed that the attackers had entry to some confidential Comparis client data.

Comparis Attacked by Ransomware

Authorities believe that some data was taken. This contains the client data of Credaris AG, a subsidiary of Comparis. The business stated on its website that it has notified people who could be impacted immediately. Customers are strongly advised to change their passwords as a safeguard.

Additionally, the comparison business was able to repair and reintroduce accessibility to the website. Despite the firm’s assurances concerning the security of its key client databases, the same cannot be stated of its sibling company Credaris.

On Thursday, the Swiss pricing comparison website was shut down after unidentified hackers demanded $400,000 in cryptocurrency to restore full functionality.

Regardless of the fact that both sibling firms, Comparis and Credaris, have filed accusations, both of their concerns are against unidentified offenders. Meanwhile, Comparis’ experts are collaborating with external cybercrime experts to ensure the complete recovery of all its systems.

Nonetheless, Comparis.ch defied the attackers’ rules and demands by refusing to pay the $400,000 crypto ransom demanded to regain the site’s functioning.

Despite the company’s claim that its website has been fully recovered from cyber invaders, access to Comparis through e-mail and customer service has been suspended until cybersecurity professionals determine the website’s complete recovery.

β€œTo our knowledge, the event appears to have had no effect on the majority of databases. Unfortunately, preliminary assessments indicate that the criminals gained access to specific customer-sensitive data from sister business Credaris, whose systems are partially hosted in the same server environment,” the company said in a statement.

The cyberattackers’ names and whereabouts remain unknown, and the ransom demand was made via a URL implanted in a protected section of the IT system. Comparis has filed a police report in connection with the attack. Clients use Comparis.ch to compare costs on products like insurance and mortgages.