Threat Actor: Italian Crime Group | Italian Crime Group
Victim: State Databases | State Databases
Price: Not disclosed
Exfiltrated Data Type: Sensitive personal and financial information
Key Points :
- Four individuals arrested, including Leonardo Maria Del Vecchio’s son, for unauthorized access to state databases.
- Charges include criminal conspiracy, illegal interception, and extortion among others.
- The criminal organization accessed three key databases: suspicious financial activities, national tax agency records, and police investigations.
- Approximately 800,000 records were obtained through illegal means, indicating a large-scale data breach.
- Authorities are investigating a network of 60 individuals, including hackers and law enforcement members.
- The data was potentially used for espionage and blackmail against politicians and businesses.
- The investigation follows another case involving unauthorized access to customer data at Intesa Sanpaolo bank.
Italian police arrested four and are investigating dozens, including Leonardo Maria Del Vecchio, for alleged unauthorized access to state databases.
Italian authorities have arrested four individuals as part of an investigation into alleged illegal access to state databases. The police are also investigating dozens of other individuals, including the son of Luxottica founder Leonardo Maria Del Vecchio.
The charges being pursued by investigators include criminal conspiracy for unauthorized access to computer systems, illegal interception, falsification of electronic communications, disclosure of confidential information, aiding and abetting, and extortion.
“[Leonardo Maria del Vecchio] eagerly awaiting the completion of preliminary investigations to be able to prove he has nothing to do with the events in question and that charges laid against him have no basis.” reads a statement from a lawyer for Del Vecchio. “He seems to be rather a victim given initial allegations and the negative outcome of the search conducted”
The criminal activity was allegedly carried out by prominent Italian individuals, including a former high-profile policeman. The organization amassed a huge trove of sensitive data that was offered to its customers who used it for different purposes.
The data may have been used to spy and blackmail politicians and businesses, however, we cannot exclude that foreign intelligence agencies had access to this data.
“Milan prosecutors allege the business intelligence agency tapped into three key databases: one gathering alerts over suspicious financial activities; one used by the national tax agency with citizens’ bank transactions, utility bills, income statements; and the police investigations’ database, the person said.” reported Reuters citing a source with the knowledge on the matter.
A cache of 800,000 records was obtained by illegally accessing a range of state databases, in some cases third parties specifically commissioned the accesses. Italy’s national anti-mafia prosecutor Giovanni Melillo has shed light on a complex network of digital espionage professionals, investigating 60 individuals, including hackers, IT consultants, private intelligence agencies, and law enforcement members. Melillo, who spoke alongside Milan’s chief prosecutor Marcello Viola, said that authorities have uncovered “a massive market of confidential information.”
The investigation follows another clamorous case in Italy, the bank Intesa Sanpaolo is under investigation by prosecutors after a former employee illegally spied on account data of thousands of its customers
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, state databases)