lockbit3 attacks Agenzia entrate
Incident Date:
July 25, 2022
Overview
Title
lockbit3 attacks Agenzia entrate
Victim
Agenzia entrate
Attacker
Lockbit3
Location
First Reported
July 25, 2022
LockBit 3 Claims Ransomware Attack on Agenzia delle Entrate
Company Profile
Agenzia delle Entrate plays a pivotal role in the Italian government's financial administration, overseeing tax-related activities. The agency's website serves as a comprehensive resource, offering insights into tax declarations, welfare, phishing prevention, and providing tools for professionals, intermediaries, and software modeling.
Vulnerabilities and Targeting
The LockBit 3 ransomware group's attack on Agenzia delle Entrate underscores the persistent cyber threats facing government entities and financial institutions. By claiming to have exfiltrated 100 GB of sensitive data, including internal documents and financial information, LockBit 3 has highlighted the critical need for enhanced cybersecurity measures within such organizations. This incident is part of a larger pattern of cyber assaults on Italian governmental and financial structures, emphasizing the strategic targeting by ransomware groups.
Investigations and Response
In response to the alleged ransomware attack, Italian authorities, spearheaded by Sogei SpA, are conducting thorough investigations. Sogei SpA, a key technological partner for the Ministry of Economy and Finance, has refuted claims of a breach within the financial administration's IT infrastructure. Concurrently, Agenzia delle Entrate, in collaboration with Italy's National Cybersecurity Agency and the Postal Police, is actively participating in the investigation to ascertain the veracity of the ransomware group's claims.
Sources
- Agenzia delle Entrate - Home Page: https://www.agenziaentrate.gov.it/portale/
- SC Magazine - "Alleged LockBit ransomware attack against Italy's tax agency probed": https://www.scmagazine.com/analysis/breach/alleged-lockbit-ransomware-attack-against-italys-tax-agency-probed
- BleepingComputer - "LockBit claims ransomware attack on Italian tax agency": https://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-italian-tax-agency/
- Cybernews - "Hackers claim to have breached Italy's revenue agency": https://cybernews.com/news/hackers-claim-to-have-breached-italys-revenue-agency/
- Security Affairs - "Lockbit ransomware gang claims to have breached the Italian Revenue Agency": https://securityaffairs.co/wordpress/123207/cyber-crime/lockbit-ransomware-italian-revenue-agency.html
- The Record - "Italy investigating ransomware attack on tax agency": https://therecord.media/italy-investigating-ransomware-attack-on-tax-agency/
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.