On April 16, the Tea Group, an energy company based in Mantua, suffered a cyber attack by a criminal group. This group claimed responsibility on the dark web, confirming that they had stolen information from the company’s databases, including customers’ personal data. The Tea Group has initiated a technical investigation with the help of an external expert to understand the extent of the data breach and perform digital forensic activities.
The attack targeted some of Tea Group’s computer systems, which were quickly isolated and cleaned to prevent further damage. Despite these efforts, some data was unavailable for about three days. Tea Group assured that there was no permanent loss or deletion of personal data. However, the hackers later claimed to have exfiltrated personal data and published some of it on the dark web, likely intending to resell it.
The breach resulted in a loss of confidentiality regarding the personal data processed by the Tea Group. Ongoing investigations aim to determine which categories of data were stolen to take appropriate actions. The company is continuously monitoring the situation and has reported the details of the incident to the relevant authorities, including the Privacy Guarantor and the National Cybersecurity Agency.
Tea Group has advised customers to remain vigilant and take precautions, such as scrutinizing emails, messages, and phone calls requesting personal data and updating account passwords. They provided contact information for further inquiries, including a dedicated toll-free number and email addresses for the Data Protection Officer and the Privacy Office.
