lockbit3 attacks Polizia Municipale

Incident Date:

September 5, 2022

World map



lockbit3 attacks Polizia Municipale


Polizia Municipale




ilario, Italy

Gorizia GO,, Italy

First Reported

September 5, 2022

Ransomware Attack on Comune di Gorizia's Polizia Municipale

Victim Profile

The Italian municipality of Gorizia, represented by the Comando di Polizia Municipale, has recently fallen victim to a ransomware attack by the Lockbit3 group. The attack was disclosed on the group's dark web leak site, highlighting the ongoing cybersecurity threats faced by local government entities.

Vulnerabilities and Industry Standing

The Comune di Gorizia, tasked with the administration of the city and maintaining law and order through its Polizia Municipale, encounters typical challenges in cybersecurity due to constrained resources and expertise. This vulnerability makes it, and similar local government entities, prime targets for ransomware attacks. The incident mirrors the situation faced by the Comune di Palermo earlier in 2023, underscoring a widespread issue within the Italian government sector. Addressing these vulnerabilities is crucial for safeguarding sensitive information and preventing future cybersecurity incidents.

Mitigation Strategies

Although specific details regarding the Comune di Gorizia's cybersecurity measures were not disclosed, it is imperative for local governments to adopt comprehensive cybersecurity practices. Effective strategies include ensuring timely updates and patches, conducting regular employee training on cybersecurity awareness, and implementing multi-factor authentication to enhance security postures against ransomware threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.