Menu
On Thursday 21st of October 2021, the Italian data protection authority Garante per la Protezione dei Dati Personali (GPDP) announced they were investigating a data breach of Società Italiana degli Autori ed Editori which is Italy’s copyright protection government agency. Currently the GPDP is stating that the investigation is looking at whether threat actors were able to steal the personal data of registered members and employees of SIAE during a ransomware attack.
Although the Everest ransomware gang have already claimed to be responsible for the attack by putting a listing on their extortion portal where they have claimed to have breached SIAE and have leaked 60 GB of stolen data. The data leaked includes national ID and driver’s license scans and documents relevant to contract agreements between SIAE and its members.
The Everest ransomware gang also claimed that the stolen data also contains contracts and other data related to Italian celebrities, actors, musicians, artists, authors, and reputable individuals. After not receiving a ransom payment, the threat actors are now selling the data for $500,000.
NCSC Threat Reports Feed© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.
