© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Hackers claim to have breached Italy’s revenue agency


The LockBit ransomware group claims to have stolen 78 gigabytes of data from the Agenzia delle Entrate, Italy’s primary revenue agency.

The name of the Agenzia delle Entrate appeared on LockBit’s leak site this Monday. Threat actors claim to have obtained company documents, scans, financial reports, and contracts.

The agency enforces the financial code of Italy and collects taxes and revenue, similar to the American Internal Revenue Service (IRS). If confirmed, the leak could affect revenue collection processes and expose sensitive financial data.

The listing on LockBit’s leak site indicates that the agency was given until the end of the month to pay the ransom. Usually, ransomware gangs threaten their victims, claiming the data will be published if the ransom demands are not met.

According to a press release by the Agenzia delle Entrate, the agency ‘immediately requested feedback and clarifications’ from Sogei. This state-owned IT company manages the technological infrastructures of the financial administration.

Cybernews reached out to the Agenzia delle Entrate for comment, but we received no answer at the time of publishing.

According to the Italian media, the news of the breach was first reported by Pierguido Iezzi, CEO of Swascan, the cybersecurity center of the Tinexta Group. Iezze claims that the Italian revenue agency appears to be a victim of LockBit 3.0, the updated malware threat actors use for extortion.

Leading the underworld

LockBit ransomware leads the digital extortion underworld. The latest ransomware report by threat intelligence firm Digital Shadows shows that in the second quarter of 2022, LockBit was the most active group by an overwhelming margin.

LockBit and its affiliates accounted for a third of all cyberattacks attacks involving organizations being posted to ransomware data-leak sites. Researchers attributed 231 victims to LockBit while the second-place holder, problem-ridden Conti, had 70.

While LockBit is far from the only successful ransomware group, it has outlasted many competitors. Prominent groups like REvil, Darkside, and Cl0p came and went, either regrouping or disbanding.

More recently, the Conti ransomware gang seems to have closed up shop once at the top of the ransomware game. Meanwhile, LockBit has been in the game since 2019, a lifetime in the ransomware business, releasing the second and, recently, the third generation of malware.

The number of ransomware attacks grew last quarter compared to the beginning of the year. Digital Shadows counted 705 victims, 21% more than over previous months. Righi thinks that we’ll only see more attacks as the year progresses.


More from Cybernews:

Cyberstalking likely to increase in Post-Roe America

Software cracks used to peddle Amadey malware through SmokeLoader

Honor among cyber-thieves: a criminal career based on trust

Google booted engineer who deemed AI chatbot sentient

Rogers to invest C$10bn in AI

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are marked