Ransom! SITAV SpA (JUL-2026)
SITAV SpA in Italy (IT) reported a ransomware incident attributed to the dragonforce threat actor. The attack targeted SITAV, a rail vehicle maintenance and modernization provider serving high-speed trains and regional transport, and the impacted country is: #Italy

Incident Details

  • Victim: SITAV SpA
  • Sector: Manufacturing
  • Country: IT
  • Actor: dragonforce
  • Source: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=639ab14a-fdcd-4e32-be98-d16c626fbebe
  • Discovered: 2026-07-14T13:54:31.609674+00:00
  • Published: 2026-07-14T13:34:42.224573+00:00

Information

  • Specializes in the construction, maintenance, revision, and restoration of trains and railway vehicles
  • Provides corrective and ordinary maintenance services for high-speed trains, regional transport carriages, trams, and subways
  • Primarily supports Trenitalia with operational maintenance needs
  • Focuses on innovation and safety to keep vehicles in perfect working condition
  • Uses expert staff and advanced technologies to ensure maximum efficiency
  • Also offers revamping services to modernize existing trains and improve the travel experience

Disclaimer: This post is based on public claims made by the ransomware group "dragonforce". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.

monitored by: ransomware.live