Ransomware Attack on GPI Group: Targeted by 8Base Ransomware Group

Incident Date:

April 15, 2024

World map



Ransomware Attack on GPI Group: Targeted by 8Base Ransomware Group






Trento, Italy

, Italy

First Reported

April 15, 2024

Ransomware Attack on GPI Group by 8Base Ransomware Group

Company Profile

GPI Group S.p.A., is a multinational entity known for its innovative software solutions and technologies aimed at the digital transformation of healthcare. With a presence in over 70 countries and serving more than 3,000 customers, GPI stands out due to its specialization in transfusion software and pharmaceutical robotics.

In 2022, the company reported robust financials with net sales amounting to 356,880 EUR. The firm is listed on the Italian Stock Exchange and features a diverse shareholder structure, including major stakeholders like FM S.p.A. and CDP Equity S.p.A.

Details of the Ransomware Attack

The 8Base group, employing their signature double-extortion tactic, not only encrypted GPI's data but also exfiltrated sensitive information. The stolen data potentially includes invoices, personal employee details, contracts, and other confidential documents.

Vulnerabilities and Target Profile

The company's extensive digital footprint and significant data repositories make it an attractive target for cybercriminals like 8Base. The healthcare sector's critical nature and the necessity for immediate access to data heighten the impact of ransomware attacks, making entities like GPI prime targets for exploitation.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.