Schweizerische Gesundheitsstiftung RADIX

Radix, also known as the Schweizerische Gesundheitsstiftung RADIX, is a Swiss non‑profit organisation dedicated to health promotion. As a foundation (Stiftung) it operates under Swiss charitable law and pursues public‑health objectives rather than commercial profit. Its core activities involve designing and supporting initiatives that aim to improve the health and well‑being of the population in Switzerland. These initiatives typically address topics such as preventive care, healthy lifestyles, and health‑equity programmes. Radix collaborates with public‑health authorities, NGOs, and other stakeholders to implement its projects. The organisation’s mandate is confined to the Swiss context, reflecting its national focus. Being a non‑profit, any surplus generated is reinvested into its health‑promotion mission rather than distributed to owners. Radix’s work is guided by evidence‑based approaches and public‑health priorities defined by Swiss federal and cantonal authorities. The foundation maintains a governance structure typical of Swiss Stiftungen, with a board overseeing strategic direction. Its headquarters are located in Switzerland, although the exact city is not disclosed in the provided sources.

In June 2025 Radix experienced a cyberattack carried out by the ransomware group Sarcoma. The attack resulted in the encryption of systems and the exfiltration of approximately two terabytes of sensitive data. Despite describing its security posture as high‑standard, the organisation was unable to prevent the breach. Upon discovery, Radix immediately revoked access to the affected systems and notified the Federal Office for Cybersecurity. The attackers threatened to publish the stolen data unless their demands were met. All compromised data were later confirmed to be intact in backups, which limited permanent loss. The overall damage was characterised as considerable, though the exact financial or operational impact was not quantified in the sources. The incident prompted an ongoing investigation into the intrusion method, which remained undetermined at the time of reporting. This event highlights the vulnerability of even well‑protected non‑profit health organisations to sophisticated ransomware threats. No information is provided about Radix’s ownership structure, parent‑subsidiary relationships, or specific size metrics such as employee count or annual budget.