Cyber Incident Victim: Infoniqa

On August 4, 2025, Infoniqa, an IT service provider specializing in HR and accounting solutions for small and medium-sized businesses, detected a cyberattack. The attack itself had occurred during the night between August 3rd and August 4th. Upon discovery on Monday, August 4th, Infoniqa immediately initiated protective measures, which included taking specific parts of its HR platform offline. The company publicly acknowledged the incident through a customer communication sent on Wednesday, August 6th, confirming it was a cyberattack. This status change was reflected on Infoniqa's status page, which listed "Major Outage" conditions affecting several services starting August 4th. By the afternoon of Friday, August 8th, the impacted services remained offline; these included "ONE Start Cloud," the "myInfoniqa Kundenportal," and the "Help Center / Ticketsystem." Infoniqa, headquartered in Root, Switzerland, stated it was actively investigating the scope of the compromise to determine which systems were affected and which remained secure and functional.

Infoniqa explicitly stated that, as of the information available up to August 8th, it had found no concrete evidence indicating that personal or business data had been stolen during the incident. Despite the lack of confirmed data exfiltration, the attack caused significant operational disruption by forcing the shutdown of core customer-facing services. The company reported the incident to the relevant authorities, fulfilling its regulatory obligations. Infoniqa's customer base consisted of approximately 35,000 small and medium-sized enterprises relying on its portfolio of solutions, which encompassed time tracking, recruiting, and performance management tools. The primary consequence was the sustained unavailability of key platform components for several days following the attack detection, impacting service delivery while the investigation and recovery efforts continued.