The Italian Municipality of Taggia, in the Province of Imperia, was hit by a cyber attack on 10 March. The group of cybercriminals RansomHouse has published part of the data exfiltrated from the Municipality’s servers on its blog.
Two days ago RansomHouse had anticipated it through its Telegram channel, the published data do not refer only to documents of administrative acts such as tenders and forms, but SuspectFile was also able to view sensitive documents such as copies of passports (some of non-citizens Italians), names and surnames of employees registered with workers’ unions, a document relating to the custody of a minor child, a letter addressed to the Head of the Socio-educational Interventions Sector, mortuary free pass where, in addition to the personal details of the deceased, the cause of the death, employment contracts…
To date, no official communication from the Municipality of Taggia regarding the computer attack on the servers and the consequent loss of data has yet been provided, except for a press release that appeared on a page of the institutional website of the Municipality without details on the incident.
A notice of only two lines is published on the Municipality’s website, communicating the possibility of some disruptions for the day of last March 13 linked to updates to the servers and software of the Municipality of Taggia. But there is no reference to the hacker attack in the press release, nor is there any mention of the possibility of the loss of sensitive data of hundreds of citizens residing in the Ligurian municipality.
(Communication of disservices on Monday 13 March 2023 for server and software maintenance
Users are hereby advised that due to urgent and undelayable maintenance of the server and software, on Monday 13 March 2023, there may be inconvenience in the normal performance of the service activity due to the impossibility of using computer devices and applications connected to the municipal network.
We apologize for the inconvenience.)
Yesterday the RansomHouse group published a sentence on its blog which, if understood as it was written, would suggest possible negligence by the IT department of the Municipality. The group of cybercriminals claims that the IT department is hiding the truth.
Yesterday the RansomHouse group published a sentence on its blog which, if understood as it was written, would suggest possible negligence by the IT department of the Municipality. The group of cybercriminals also claims that the IT department is hiding the truth.
The Municipality of Taggia was not the first Italian Public Administration to be affected by the RansomHouse group. In July 2022, it was the Union of Valdarno and Valdisieve Municipalities that paid the price, which includes 6 Municipalities of the Tuscany Region (Londa, Pelago, Pontassieve, Reggello, Rufina, San Godenzo) and not 8 as erroneously claimed by the hacker group, confusing the two Valdarno and Valdisieve valleys like two other Tuscan Municipalities.
The article will be updated in case of new details.