What caused the data leak at UBS and Pictet?

The data leak was caused by a cyber attack on Chain IQ, an external provider, which resulted in the theft of information about UBS and several other companies.

Was client data compromised in the cyber attack?

No, UBS confirmed that no client data was affected by the cyber attack.

What type of information was leaked?

The leaked information included details of tens of thousands of UBS employees and invoice information related to Pictet's suppliers.

How did UBS respond to the incident?

UBS took swift and decisive action to contain the situation as soon as it became aware of the incident, ensuring no impact on its operations.

What did Chain IQ say about the attack?

Chain IQ stated that it and 19 other companies were targeted in the attack, and the leaked data was published online on the darknet.

Editorial & Advertiser disclosure

Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Finance > UBS and Pictet report data leak after cyber attack on provider, client data unaffected

Finance

UBS and Pictet report data leak after cyber attack on provider, client data unaffected

Published by Global Banking & Finance Review®

Posted on June 18, 2025

2 min read

Last updated: January 23, 2026

UBS and Pictet report data leak after cyber attack on provider, client data unaffected - Finance news and analysis from Global Banking & Finance Review

UBS and Pictet Experience Data Leak Following Cyber Attack on Supplier

By Oliver Hirt

ZURICH (Reuters) -Swiss banks UBS and Pictet said on Wednesday they had suffered a data leak due to a cyber attack on a provider in Switzerland that did not compromise client information, although a report said thousands of UBS workers' data was affected.

Swiss newspaper Le Temps said that files containing details of tens of thousands of UBS employees were stolen from the Baar-based business service company Chain IQ, whose website lists KPMG and Mizuho among its clients.

"A cyber attack at an external supplier has led to information about UBS and several other companies being stolen. No client data has been affected," UBS said.

"As soon as UBS became aware of the incident, it took swift and decisive action to avoid any impact on its operations."

The leaked cache also included the number of a direct internal line to UBS CEO Sergio Ermotti, Le Temps reported.

Chain IQ said it and 19 other companies were targeted in the attack, resulting in leaked data being published online on the darknet - a part of the internet not accessible through standard search engines.

Steps and countermeasures were promptly taken and the situation was contained, it said in a statement.

Swiss financial market regulator Finma said it was aware of the incident and was handling it in line with established procedures.

In a statement, KPMG said its infrastructure has not been affected by the cyber attack, but that it had put added safeguards in place after news of the leak.

Chain IQ, which said the data was published on the afternoon of June 12, said that it could not provide any information on potential ransom demands or interactions with the attackers for security and investigative reasons.

Private bank Pictet said the information stolen did not contain its client data and was limited to invoice information with some of the bank's suppliers, such as technology providers and external consultants.

Pictet said it took data breaches seriously and had protocols and agreements in place to stop unauthorised access.

The attack was a reminder that third parties can leave even the biggest institutions exposed and that could have a potential long-term impact on Swiss banking, said Ilia Kolochenko, CEO of a Swiss-based security firm ImmuniWeb.

(Reporting by Oliver HirtWriting by Dave GrahamEditing by Tomasz Janowski, Bernadette Baum and Elaine Hardcastle)

UBS and Pictet report data leak after cyber attack on provider, client data unaffected

Quick Summary

UBS and Pictet Experience Data Leak Following Cyber Attack on Supplier

Key Takeaways

Frequently Asked Questions about UBS and Pictet report data leak after cyber attack on provider, client data unaffected