What Happened
In June 2025, UBS Group, a Zurich-based banking giant, confirmed that sensitive company data belonging to approximately 130,000 employees was stolen in a ransomware-style cyberattack targeting its external supplier, Chain IQ (a procurement firm spun off from UBS in 2013). The hacker group World Leaks (formerly Hunters International) leaked the information on the dark web, including employee names, email addresses, phone numbers (such as CEO Sergio Ermotti’s direct line), home addresses, office locations, floor details, positions, and spoken languages; the incident also affected other Chain IQ clients like Pictet, but UBS emphasized no client data was compromised. UBS responded swiftly to mitigate operational impact, while Chain IQ acknowledged the breach impacting it and 19 other companies without detailing exposed data.
