Finaport

Finaport operates as a wealth management firm headquartered in Switzerland, providing financial advisory and portfolio management services primarily to private clients. The company maintains a significant presence in the Swiss and Liechtenstein markets, where it serves its core customer base, and it also operates an international branch in Singapore, extending its reach into Asian markets. Its business model centers on the stewardship of client assets, a function that places it within the tightly regulated Swiss financial sector. The firm's operational footprint, while anchored in the Alpine region, demonstrates a deliberate strategy to cater to a globally mobile clientele through its Singaporean outpost, a location that became directly relevant during a major security incident. This geographic distribution underscores its positioning as an international player within the wealth management space, though specific metrics regarding assets under management or employee count are not provided in the available information.

The defining event in Finaport's recent operational history is the ransomware attack it suffered on January 1, 2023, attributed to the ALPHV (Black Cat) group. This incident resulted in the theft and subsequent darknet publication of internal company data, including employee Outlook mailboxes, following the firm's decision not to pay the ransom demand. In response, Finaport executed a comprehensive incident recovery plan, immediately isolating affected systems and completely rebuilding its central IT infrastructure from the ground up. This decisive action allowed the company to restore critical business operations within one week. A key aspect of the breach's impact was its geographic variance; while the Singapore branch was directly compromised, the core customer databases for the Swiss and Liechtenstein markets remained unaffected, protected by existing backup protocols. Finaport's adherence to regulatory obligations was demonstrated by its report to Swiss financial authorities within the mandated 24-hour window. The firm's handling of the crisis—prioritizing system integrity over ransom payment and achieving a swift operational recovery—highlights a resilience strategy focused on containment, rebuild, and transparent regulatory communication, though it ultimately led to the public exposure of internal corporate data.