23.12.24

OneLog provides further information after the security incident: No evidence of data theft, investigation is ongoing

Two months after the attack on OneLog and following regular updates on the forensic investigation by an external auditor, OneLog, the Swiss media login, provides the following update on the status of the investigation.

The external audit did not reveal any relevant misconfigurations or vulnerabilities in the OneLog system.

From the first day after the incident became known, OneLog has been in close and continuous contact with the relevant authorities to ensure a transparent and coordinated approach. OneLog provided ongoing information on the actions taken and prioritized actions to meet both user security and regulatory requirements.

User data not in the wrong hands according to the best of our knowledge

To date, there is still no evidence that user data (emails and passwords) has been stolen from OneLog. It is still assumed that this was an act of cyber sabotage aimed at disrupting the service and deleting data.

OneLog does not store sensitive data such as credit card information. In addition, no data from the subscription or payment systems is replicated on OneLog’s systems. 

The perpetrators were able to access the cloud infrastructure in spite of security measures such as multi-factor authentication (MFA), but as the logs show, it was only for a relatively short period of time, which fits the picture of pure sabotage. OneLog emphasizes that to the best of their knowledge, no user email addresses or passwords were compromised. There have been no claims of responsibility, no demands for money, and no hints in the darknet. 

Successful data recovery and restart 

Thanks to the collaboration between OneLog and its partners, all user data was recovered in a very short time. Seamless collaboration allowed all accounts to be restored and the service to be back up and running by November 4, 2024. 

Enhanced security measures

“In addition to the existing security standards, OneLog immediately brought in additional external resources and experts to implement further security measures and strengthen our platform. In addition, an external company has performed a detailed audit of the entire OneLog platform to ensure that the highest security standards continue to be met,” said Silvano Oeschger, CEO of OneLog. 

The security measures are constantly being optimized in cooperation with the authorities, data protection experts and the media companies involved.

Proven Swiss Digital Alliance

The launch of OneLog in September 2021 was an important milestone for the Swiss Digital Alliance, consisting of CH Media, NZZ, Ringier, TX Group and SRG, in their common goal of strengthening the position of Swiss media companies in competition with international technology corporations. The close cooperation between the partners and their ability to rise to the challenge have proven successful in this situation. 

All media companies involved in OneLog, as well as the other partners, continue to see OneLog as an important tool for strengthening Switzerland as a media location. NZZ and CH Media, which have not yet implemented OneLog as their login solution, plan to do so in the future. 

The goal of the Swiss Digital Alliance remains to offer users access to a growing range of Swiss media content with a single login and in compliance with strict privacy guidelines.

Ongoing investigation

The incident is still being analyzed. Both internal and official investigations are ongoing. 

OneLog would like to thank all users and partners for their trust and understanding in this difficult situation. The company remains committed to open and transparent communication and will continue to provide reliable information. For further information, please contact the media office.


Media Contact
OneLog AG
Dufourstrasse 23 | 8008 Zürich | Schweiz
[email protected]
www.onelog.ch