The LockBit ransomware gang claimed they breached the Italian Internal Revenue Service’s network. According to LockBit, if the Italian tax office doesn’t meet a ransom demand by August 1st, 100 GB of data — including business documents, scans, financial reports, and contracts — will be leaked online. The official statement published by the Italian revenue agency on “the alleged theft of data from the tax information system” states that the agency has requested more info from Sogei SpA, a Ministry of Economy and Finance public company that manages the financial administration’s technological infrastructure. The State Attorney General, the Department of Treasury, the Ministries of Justice, Interior, and Education, as well as other Italian agencies, rely on the IT infrastructure managed by Sogei SpA. The company released a formal statement claiming that it has not discovered any proof of a cyberattack affecting the Italian revenue agency. “With regard to the alleged cyber attack on the tax information system, Sogei spa informs that from the first analyzes carried out, no cyber attacks have occurred nor have data been stolen from platforms and technological infrastructures of the Financial Administration. From the technical investigations carried out, Sogei, therefore, excludes that a cyber attack on the site of the Revenue Agency,” stated the company.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased