On the weekend of March 14-15, 2026, the ICT infrastructure of the Matten municipality in Switzerland came under a cyberattack. The attack targeted key municipal systems, resulting in the encryption of some data files. However, thanks to rapid response and robust security measures, the administration was able to maintain operations without interruption, and no data was stolen or published, according to an official statement from the Gemeinde Matten published by Radio BeO.
The cyberattack affected the local government sector, specifically the administrative systems of the municipality of Matten bei Interlaken. While some files were encrypted during the incident, these were fully recovered without data loss. Importantly, critical systems such as the resident registry (Einwohner- und Fremdenkontrolle), business administration, and finance systems were reportedly never compromised. Throughout the incident, the municipal administration remained accessible to the public during regular hours both by phone and in person, ensuring continuity of essential services.
Immediately after detecting the attack, Matten’s authorities involved external cybersecurity experts to restore affected systems, conduct a forensic analysis of the event, and secure evidence for further investigation. The Bern Canton Police (Kantonspolizei Bern) was informed promptly, and a criminal complaint was filed against unknown perpetrators. As of current reports, no ransomware group has claimed responsibility, and there is no confirmation of any data breach or exfiltration. The attack vector remains undisclosed, and officials have not provided additional details regarding how the attackers infiltrated the network.
While the incident did not result in data theft or operational downtime, the municipality acknowledged a reputational impact and the significant effort required to restore and secure their systems. In response, Gemeinde Matten has implemented additional technical and organizational security measures, focusing on hardening their ICT infrastructure. Furthermore, ongoing employee training and cybersecurity awareness programs have been intensified to reduce the risk of future incidents.
This event underscores the importance of preparedness and swift incident response within public administration environments. Organizations, especially those in the public sector, can draw several key lessons from Matten’s experience. First, maintaining regular backups and robust recovery procedures ensures that encrypted data can be restored without paying ransoms or suffering prolonged outages. Second, the rapid engagement of external cybersecurity specialists and law enforcement can significantly aid in mitigating damage and preserving forensic evidence. Third, continuous strengthening of security protocols and staff awareness are critical to reducing vulnerability to cyber threats.
For municipal and similar organizations seeking to protect themselves, the following recommendations are prudent:
- Implement comprehensive data backup strategies with offline or immutable copies to safeguard against encryption attacks.
- Regularly update and patch ICT systems to close vulnerabilities that attackers could exploit.
- Establish clear incident response plans that include coordination with external experts and law enforcement.
- Conduct ongoing cybersecurity training programs to educate employees about phishing, social engineering, and other common attack vectors.
- Perform routine security audits and penetration testing to identify and remediate weaknesses proactively.
- Deploy layered security controls such as endpoint protection, network segmentation, and multi-factor authentication.
The cyberattack on Gemeinde Matten serves as a reminder that even well-prepared public institutions remain targets for cybercriminals. Vigilance, preparation, and swift action remain vital components of effective cybersecurity defense.
Sources: Radio BeO, https://www.radiobeo.ch/cyberangriff-auf-gemeinde-matten/
Source: Kategorien: | Data from Ransomware.live | Generated with AI assistance