Cyber Incident Victim: Ilem

Date: Jan 2025

Location: Switzerland

Summary

A targeted cyberattack involving a ransom demand compromised systems at a subsidiary, disrupting services and directly impacting 15% of its client base. Cybersecurity teams swiftly implemented protocols, restoring over 70% of affected client environments within three days while collaborating with law enforcement and external experts. The parent organization reinforced protective measures and internal processes to mitigate future risks, providing proactive support to ensure client operational continuity during recovery efforts.

Description

On Sunday, January 19, 2025, Ilem Group's subsidiary Boost experienced a targeted cyberattack accompanied by a ransom demand. The malicious attempt sought to compromise Boost's systems and disrupt its services, directly impacting 15% of its client base—equivalent to approximately 30 clients out of over 200 relying on Boost's infrastructure. The attack triggered immediate operational disruptions for affected clients, though the specific nature of the compromised systems or services was not detailed in public disclosures. Ilem's cybersecurity teams activated emergency protocols within hours of detection, initiating containment procedures to isolate affected environments and prevent further propagation. The incident did not escalate beyond Boost's subsidiary infrastructure, with no evidence suggesting group-wide system compromises.

Ilem's response involved round-the-clock efforts by dedicated cybersecurity experts to restore client environments, achieving partial recovery for over 70% of impacted clients—approximately 21 organizations—within 72 hours. Concurrently, the company implemented immediate security enhancements to Boost's protection systems and reviewed internal processes to mitigate future attack vectors. Proactive client support measures included direct assistance to maintain business continuity and minimize operational downtime. Ilem engaged leading external cybersecurity specialists for forensic analysis and collaborated with Swiss law enforcement agencies, including the Geneva Police and Federal Police, throughout the investigation. The company maintained transparent communication with stakeholders but did not disclose whether the ransom was paid or the identity of the threat actors. No data exfiltration or secondary incidents were reported following the initial containment.
