On Monday 25th of July 2022, the LockBit ransomware group listed the Agenzia delle Entrate (Italian Revenue Agency) on their data leak site where they claimed to have stolen 78GB of data and are threatening to leak the allegedly stolen data if a ransom isn’t paid by Sunday 31st of July 2022. LockBit has claimed that the allegedly stolen data includes documents, financial reports, and contracts.
This response to this claim, the Agenzia delle Entrate has announced they have asked Sogei SPA, a state-owned company that manages the agency’s IT infrastructure, for “feedback and clarifications”. Although Sogei SPA has responded in a statement where they state that an initial investigation by the company found no signs of a cyberattack or a data breach.
“Sogei spa informs that from the first analyzes carried out, no cyber attacks have occurred or data has been stolen from the financial administration’s technological platforms and infrastructures. From the technical checks carried out, Sogei therefore excludes that a computer attack on the Revenue Agency website may have occurred. In any case, collaboration with the National Cybersecurity Agency and the Postal Police remains active in order to give maximum support to ongoing investigations” – Sogei SPA.