SITAV SpA in Italy (IT) reported a ransomware incident attributed to the dragonforce threat actor. The attack targeted SITAV, a rail vehicle maintenance and modernization provider serving high-speed trains and regional transport, and the impacted country is: #Italy
Incident Details
- Victim: SITAV SpA
- Sector: Manufacturing
- Country: IT
- Actor: dragonforce
- Source: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=639ab14a-fdcd-4e32-be98-d16c626fbebe
- Discovered: 2026-07-14T13:54:31.609674+00:00
- Published: 2026-07-14T13:34:42.224573+00:00
Information
- Specializes in the construction, maintenance, revision, and restoration of trains and railway vehicles
- Provides corrective and ordinary maintenance services for high-speed trains, regional transport carriages, trams, and subways
- Primarily supports Trenitalia with operational maintenance needs
- Focuses on innovation and safety to keep vehicles in perfect working condition
- Uses expert staff and advanced technologies to ensure maximum efficiency
- Also offers revamping services to modernize existing trains and improve the travel experience
Disclaimer: This post is based on public claims made by the ransomware group "dragonforce". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.