RansomHub's Attack on Farmacia Florio

Incident Date:

April 8, 2024

World map



RansomHub's Attack on Farmacia Florio


Farmacia Florio




Naples, Italy

, Italy

First Reported

April 8, 2024

Ransomware Attack on Farmacia Florio

Victim Profile

Farmacia Florio, a pharmacy located in Naples, Italy, has been targeted in a ransomware attack by the group RansomHub. The pharmacy has a rich history dating back to 1880 when Ettore Florio founded the first Ettore Florio Pharmacy in Porta Capuana, Naples. The business has been passed down through four generations of the Florio family, known for their innovation in galenics and the development of new formulas.

Company Size and Revenue

There is no specific information available about the size and revenue of Farmacia Florio. However, the pharmacy is known for its artisan tradition in the composition of medicines and cosmetics, as well as its commitment to complying with the norms of good preparation.

Industry Standing

Farmacia Florio stands out in the Healthcare Services sector for its long-standing history, innovative approach to galenics, and the development of cosmetological formulas and orphan drugs. The pharmacy's commitment to quality and compliance with industry standards sets it apart in the industry.

Ransomware Attack Overview

In April 2024, the company fell victim to a ransomware attack by the cybercriminal group RansomHub, resulting in the theft of sensitive documents including invoices, orders, and delivery addresses.


Being in the healthcare sector, Farmacia Florio is a prime target for data thieves due to the sensitive nature of the data they handle, including patient information and pharmaceutical formulas. The pharmacy's artisanal approach to medicine preparation and its long history may make it more vulnerable to cyber attacks, as traditional businesses may have invested little in cybersecurity measures compared to modern establishments.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.