Almaviva experienced a cyber attack that led to the theft of a large volume of data, which was then published on a dark web forum. The company immediately activated specialized safety and law enforcement procedures. They communicated that despite the incident, “the functionalities and services of the systems involved have remained regularly active,” attributing this stability to “operational continuity measures and procedures specifically prepared for this type of scenario.” The firm has stressed that the full operation of critical services was guaranteed.
The stolen material amounts to about 2.3 According to cyber threat intelligence reports, the material published by the threat actor includes a wide array of sensitive documents. These range from internal shares, multi-company repositories, and technical documentation to contracts with public bodies, HR archives, and accounting data. The breach also encompasses complete datasets of various FS Group companies, representing a significant leak of corporate proprietary and personnel information.
Almaviva has emphasized its immediate and coordinated response. The company stated that monitoring services identified and subsequently isolated the attack, resulting in the theft of some data from their corporate systems. Following this discovery, in addition to activating internal security protocols, Almaviva promptly informed all relevant authorities, including the Public Prosecutor’s Office, the Postal Police, the National Cybersecurity Agency, and the Privacy Guarantor.
Close collaboration with these authorities, their partners, and other competent subjects is currently underway to ensure maximum coordination in monitoring, investigation, and response activities. Almaviva affirms that data security and the protection of its stakeholders—customers, partners, and collaborators—remain the top priority.
The company has committed to communicating any relevant developments transparently, without prejudice to the confidentiality of ongoing investigations.terabytes and reportedly contains confidential and recent data, some dating up to two months prior to the attack, belonging to the Ferrovie dello Stato (FS) Group. This unauthorized copy of data includes sensitive corporate information of all kinds, though the operational critical services were unaffected. This type of incident underscores the persistent threats facing vendors who manage large repositories of client data.
Reference:
