everest attacks SPERONI SpA

Incident Date:

March 11, 2022

World map



everest attacks SPERONI SpA






Via Po, Italy

Spessa PV, Italy

First Reported

March 11, 2022

SPERONI SpA Suffers Ransomware Attack by Everest Group

Overview of the Attack

SPERONI SpA, an esteemed entity within the Italian Healthcare Services sector, recently fell victim to a ransomware attack orchestrated by the notorious Everest group. The incident was publicly disclosed on the group's dark web leak site. SPERONI SpA, known for its contributions to the healthcare industry, has yet to reveal the extent of the impact this cyber assault has had on its operations.

Global Ransomware Trends

The attack on SPERONI SpA is indicative of a larger, more disturbing trend in the cyber landscape. A staggering 71% of organizations globally reported experiencing at least one ransomware attack in 2022, with the healthcare sector being among the top three targets. This trend underscores the critical vulnerability of the healthcare industry to cyber threats. The average financial toll of such attacks is a hefty $4.3 million, highlighting the severe economic implications alongside the potential compromise of sensitive patient data.

Vulnerabilities and Recommendations

While the specific vulnerabilities exploited in the SPERONI SpA attack remain undisclosed, it is widely acknowledged that 62% of ransomware infiltrations succeed through phishing attempts. This statistic serves as a stark reminder of the importance of cybersecurity vigilance and education. Organizations are advised to adhere to guidelines set forth by authoritative bodies such as the U.S. Government, MS-ISAC, and trusted security vendors. These guidelines emphasize the importance of swift identification and containment of breaches, evidence preservation, and the evaluation of existing security measures to thwart potential attacks.

Company's Response and Current Status

In the aftermath of the attack, SPERONI SpA has maintained silence, offering no comments regarding the breach or the steps taken towards recovery. Despite this, the company's website remains accessible, suggesting some level of operational restoration. The full extent of the ransomware attack's impact on SPERONI SpA's services and data integrity, however, remains uncertain.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.