lockbit2 attacks Sanvitale Gioielli

Incident Date:

June 12, 2022

World map



lockbit2 attacks Sanvitale Gioielli


Sanvitale Gioielli




Metropolitan, Italy

Rome, Italy

First Reported

June 12, 2022

Sanvitale Gioielli: A Retail Jewelry Company Targeted by Lockbit2 Ransomware

Sanvitale Gioielli, a jewelry retailer based in Italy, has been targeted by the Lockbit2 ransomware group. The company, which has been in operation since 1935, operates in the retail sector and is known for its high-quality products and services. Sanvitale Gioielli is an authorized dealer for several well-known brands in the jewelry industry, including Eberhard, Baume & Mercier, Ab Aeterno, Gucci, Hamilton, Nouvelle Bague, Pesavento, Bliss, Citizen, Bronzallure, Festina, Philip Watch, and Montblanc.

The company's website provides information about their history, products, and services. They offer a wide range of jewelry, including personalized pieces, and have a laboratory for watch repair and maintenance.

The Lockbit2 ransomware group, known for its aggressive tactics, has claimed responsibility for the attack on Sanvitale Gioielli. The group operates through a dark web leak site, where they post information about their victims.

While the specific details of the attack are not publicly available, ransomware attacks typically involve the encryption of critical digital records, demanding a cash payment in exchange for the decryption key. Hospitals have been frequent targets of such attacks, with six being hit in a single 24-hour period in October 2020.

Sanvitale Gioielli's vulnerability to such an attack could be due to a variety of factors, including outdated software, weak security protocols, or employee negligence. Cybersecurity experts often advise organizations to implement robust security measures, such as regular software updates, employee training, and multi-factor authentication, to mitigate the risk of ransomware attacks.

The company has not yet released a statement regarding the attack or the measures they are taking to address it. As the situation develops, more information may become available.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.