Switzerland aims to identify and prosecute those behind a 2022 Credit Suisse data leak.
Reuters reported Friday (Feb. 3) that the country’s federal prosecutors have launched criminal proceedings and those responsible for the leak have not been identified.
The case alleges that banking secrecy laws were violated, Credit Suisse suffered damage and confidential business information was released to foreign organizations, according to the report.
The data leak occurred in February 2022 and gave information on 18,000 accounts to newspapers.
The accounts were open at Credit Suisse between the 1940s and the 2010s, held over $100 billion and were connected to criminals, reported human rights abusers and sanctioned people — including people accused of torture, corruption or related to dictators.
Because the data was released to newspapers and widely reported, Credit Suisse has faced fallout after the incident.
The bank has said that 90% of the accounts included in the leak had already been closed or soon would be, that it was “comfortable” that other accounts had been appropriately vetted and that it “strongly rejects” accusations about its practices.
“The matters are predominantly historical, in some cases dating back as far as the 1940s, and the accounts of these matters are based on partial, inaccurate or selective information taken out of context, resulting in tendentious interpretations of the bank’s business conduct,” Credit Suisse said at the time.
The incident was one of many data breaches that have hit companies across the industry in recent months.
For example, mobile carrier T-Mobile reported a monthlong data breach that affected 37 million customers. Fleet management platform ShipManager said a ransomware attack affected 70 customers operating 1,000 ships and carmaker Toyota apologized for a breach apparently caused by a third-party vendor that is thought to have leaked information about 300,000 customers.
Some firms have faced actions by the United States Federal Trade Commission (FTC) after data breaches. The FTC did so with educational technology provider Chegg, alleging that the company failed to implement basic security measures, and with online alcohol marketplace Drizly, saying that the company had been alerted to data security problems but failed to improve its procedures before a data breach took place two years later in 2020.