Cyber Incident Victim: MCH Group

On October 20, 2021, Swiss exhibitions and marketing firm MCH Group experienced a malware attack that disrupted its systems. The company, which employs over 700 people and organizes approximately 90 events globally—including Art Basel exhibitions in Basel, Miami Beach, and Hong Kong, along with the Baselworld watch and jewelry show—activated its internal ICT specialists immediately following the incident. These teams collaborated with external cybersecurity experts and Swiss federal authorities to contain the attack and mitigate damage. MCH Group confirmed that all scheduled exhibitions and events would proceed without interruption despite the operational disruption. The organization initiated a forensic investigation to determine whether attackers had exfiltrated any data during the breach and announced its intention to file a criminal complaint with law enforcement. No specifics regarding the malware variant, initial attack vector, or duration of system downtime were disclosed in the initial statement.

The incident occurred amid a surge in cyberattacks targeting Swiss entities during October 2021. Switzerland’s National Cyber Security Centre (NCSC) reported 832 cybersecurity incident notifications during that week—the highest volume recorded in the preceding twelve months. Among these, 315 cases involved malware infections, while fraud and phishing constituted other major categories. This broader context included recent breaches at Switzerland’s Easygov federal portal, municipal systems in Montreux, rail manufacturer Stadler, price comparison service Comparis, and the August 2021 exposure of personal data for all residents of Rolle. MCH Group’s attack mirrored this pattern of Swiss organizations facing increased cyber threats, though no direct connection between these incidents was established in available reporting. The company maintained focus on restoring systems while preserving operational continuity for its international events portfolio during the investigation.