Cyber Incident Victim: Frankenspalter
Date:
Jul 2025
Location:
Cocos (Keeling) Islands
Summary
A cyberattack on an external service provider led to the theft of customer data belonging to Frankenspalter and its partner Kibernetik. Following the breach, the Liechtenstein‑Swiss firms warned their clients about possible fraud attempts, noting that the exact number of affected individuals could not yet be determined. VR‑President Thomas Hagmann emphasized that the full scope of the breach remained unclear, and the companies continued to monitor the situation while cooperating with investigators to assess the impact and secure their systems.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 5, 2025, Vaterland reported that Frankenspalter and Kibernetik issued a warning to their customers after a cyberattack on an external service provider resulted in the exfiltration of customer data belonging to both companies. The article states that the breach occurred when hackers targeted the third‑party provider, gaining access to information stored on its systems. As a result, personal data of Frankenspalter and Kibernetik customers was compromised and taken by the attackers. The report does not specify the type of data that was stolen or the exact volume of records affected. It also does not name the external service provider that was targeted.
Following the discovery of the breach, the Liechtenstein‑Swiss companies Frankenspalter and Kibernetik notified their customers to be vigilant for potential fraud attempts that could arise from the exposed information. VR‑President Thomas Hagmann was quoted in the article saying that the current number of affected customers cannot be determined. The warning advised recipients to monitor their accounts and communications for suspicious activity. No further details about the timeline of the attack, the methods used by the attackers, or any containment measures were provided in the source. The article concludes with the statement that the companies are continuing to assess the situation.