The Reporting and Analysis Centre for Information Assurance (MELANI) of the Swiss Confederation published a warning on 29 August stating that unauthorised individuals have gained access to thousands of email accounts all over Switzerland. On this day, we were already working on blocking the attacks.
What’s important to know is that neither digitec nor Galaxus was hacked. However, based on the information at hand, we have to assume that the scammers were able to access accounts of our customers using login data that had been stolen elsewhere. How is this possible? Unauthorised individuals are in possession of an extensive list of email addresses and corresponding passwords, which they used to try to log in to our online shop accounts. The probability is high that other companies – or rather their customers – are affected, too.
At noon of 31 August, we sent an email to those customers who we suspect are affected. In the email, we urgently asked the customers to change the password of their email account.
For security reasons, we also took prompt action and reset the digitec/Galaxus account of the affected customers. These customers were asked to request a new password in order to log in again. We also pointed out to the affected customers that changing their email account password is necessary before resetting their digitec/Galaxus account.
Here you can read an article in German by 20minuten.ch on the subject. In the meantime, we have strengthened our security measures, for instance by integrating a reCAPTCHA check. By doing so, we have succeeded in deflecting the recent attacks.
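The attack pattern described above (a list of stolen email/password pairs tried one after another against shop accounts) leaves a recognisable trace in login logs: one source address attempting many different accounts in a short time, most of them failing. The following Python script is an added example, not code from Digitec Galaxus; it assumes a hypothetical one-line-per-attempt log format and uses constructed sample lines. It flags source addresses showing that pattern and lists the accounts the attacker did get into, which is the set a shop would reset, as described above.

```python
"""Detect credential-stuffing patterns in web-shop login logs (added example)."""
import re
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed sample log lines in an assumed format; not real shop data.
# 203.0.113.10 cycles through many accounts (stuffing), 198.51.100.7 hammers
# one account (plain guessing), 192.0.2.55 is an ordinary successful login.
SAMPLE_LOG = """\
2018-08-29T10:00:01Z ip=203.0.113.10 user=alice@example.com result=FAIL
2018-08-29T10:00:02Z ip=203.0.113.10 user=bob@example.com result=FAIL
2018-08-29T10:00:02Z ip=203.0.113.10 user=carol@example.com result=OK
2018-08-29T10:00:03Z ip=203.0.113.10 user=dave@example.com result=FAIL
2018-08-29T10:00:03Z ip=203.0.113.10 user=erin@example.com result=FAIL
2018-08-29T10:00:04Z ip=203.0.113.10 user=frank@example.com result=FAIL
2018-08-29T10:00:05Z ip=203.0.113.10 user=grace@example.com result=OK
2018-08-29T10:00:06Z ip=203.0.113.10 user=heidi@example.com result=FAIL
2018-08-29T10:05:00Z ip=198.51.100.7 user=ivan@example.com result=FAIL
2018-08-29T10:05:30Z ip=198.51.100.7 user=ivan@example.com result=FAIL
2018-08-29T10:06:00Z ip=198.51.100.7 user=ivan@example.com result=OK
2018-08-29T11:30:00Z ip=192.0.2.55 user=judy@example.com result=OK
"""

# Assumed log line shape: "<ISO timestamp> ip=<addr> user=<login> result=OK|FAIL"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) ip=(?P<ip>\S+) user=(?P<user>\S+) result=(?P<result>OK|FAIL)$"
)


@dataclass
class Event:
    ts: datetime
    ip: str
    user: str
    ok: bool


def parse_log(text):
    """Parse log text into Event objects, skipping malformed lines."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # a malformed line must not crash the detector
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        events.append(Event(ts, m["ip"], m["user"], m["result"] == "OK"))
    return events


def detect_stuffing(events, window=timedelta(minutes=5), min_users=5, min_fail_ratio=0.5):
    """Return one alert per (ip, time window) in which a single source tried
    at least `min_users` distinct accounts with a failure ratio of at least
    `min_fail_ratio`. Thresholds are assumptions to be tuned per site."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e.ip].append(e)

    alerts = []
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e.ts)
        start = 0
        while start < len(evs):
            # Tumbling window anchored at the first event not yet examined.
            end = start
            while end < len(evs) and evs[end].ts - evs[start].ts <= window:
                end += 1
            chunk = evs[start:end]
            users = {e.user for e in chunk}
            fails = sum(1 for e in chunk if not e.ok)
            fail_ratio = fails / len(chunk)
            if len(users) >= min_users and fail_ratio >= min_fail_ratio:
                alerts.append({
                    "ip": ip,
                    "window_start": evs[start].ts.isoformat(),
                    "attempts": len(chunk),
                    "distinct_users": len(users),
                    "fail_ratio": round(fail_ratio, 2),
                    # Accounts the attacker logged into: candidates for a forced reset.
                    "compromised": sorted(e.user for e in chunk if e.ok),
                })
            start = end
    return alerts


if __name__ == "__main__":
    for alert in detect_stuffing(parse_log(SAMPLE_LOG)):
        print(alert)
```

The single-account guessing from 198.51.100.7 is deliberately not flagged here: it has only one distinct user, so it belongs to a separate per-account lockout rule rather than to the many-accounts-per-source pattern this incident describes. A rate limit or a CAPTCHA on the login form, as the company introduced, is the natural response to an address that trips this detector.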
Is my email address secure?
You can check your email address with MELANI’s «checktool» as well as with the service «Have I Been Pwned» by the Australian director of Microsoft:
What to do if I’m affected?
MELANI advises all persons and companies to check their email addresses with the service linked above. We also recommend using «Have I Been Pwned». Should your account be affected, MELANI advises you to take the following actions:
- Change the password of all your online accounts that are linked to the affected email address (email account, online shops, e-banking, social media etc.).
- Use a separate password for each website/service.
- If possible, activate two-factor authentication.
- In the coming weeks, you should also check bank statements, iTunes charges etc. Should you find irregularities, please get in touch with your bank or the corresponding company.