Ransomware Attack Disrupts Water Services for Nearly Half a Million in Southern Italy
A ransomware attack has crippled the IT systems of Alto Calore Servizi SpA, an Italian government-run company responsible for supplying drinking water to 125 municipalities across the Avellino and Benevento provinces in southern Italy. The company, which also manages sewage and purification services, serves nearly 500,000 people and processes 58 million cubic meters of water annually.
The attack, detected on Friday, rendered all databases and IT operations inoperable, preventing the company from performing routine queries or providing information. While water distribution remains unaffected, the full extent of the disruption, including potential customer impacts, remains unclear, as the company has not responded to inquiries about recovery timelines or ransom negotiations.
On Tuesday, the Medusa ransomware group claimed responsibility, releasing samples of stolen data and issuing a seven-day ultimatum. The group offered the company options to extend the deadline by one day for $10,000 or delete all stolen data for $100,000. Exfiltrated files reportedly include customer records, contracts, board meeting minutes, infrastructure plans, and pipe distribution documents.
This incident is part of a broader trend of ransomware attacks targeting Italy’s critical infrastructure. In 2022 alone, the country’s tax agency, energy market operator, and major utilities including Eni and Gestore dei Servizi Energetici fell victim to similar attacks. A 2021 ransomware strike even disrupted a COVID-19 vaccine portal.
Globally, water suppliers have become prime targets. In August 2022, South Staffordshire Water in the UK suffered a severe ransomware attack affecting 1.7 million customers, while U.S. water and wastewater facilities have faced at least eight documented attacks since 2019, some disrupting treatment processes and control systems. The U.S. Environmental Protection Agency (EPA) has since introduced mandatory cybersecurity assessments for public water systems, though the rules face legal challenges from states arguing the upgrades impose unaffordable costs on providers.
Source: https://therecord.media/italian-water-supplier-ransomware-attack-disruptions-medusa
Alto Calore Servizi SPA cybersecurity rating report: https://www.rankiteo.com/company/alto-calore-servizi-spa
"id": "ALT1775323955",
"linkid": "alto-calore-servizi-spa",
"type": "Ransomware",
"date": "5/2023",
"severity": "100",
"impact": "7",
"explanation": "Attack that could injure or kill people"
{'affected_entities': [{'customers_affected': '500,000',
                        'industry': 'Water supply and sewage management',
                        'location': 'Avellino and Benevento provinces, '
                                    'Southern Italy',
                        'name': 'Alto Calore Servizi SpA',
                        'size': 'Serves nearly 500,000 people, processes 58 '
                                'million cubic meters of water annually',
                        'type': 'Government-run company'}],
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': 'Customer records',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Customer records, contracts, '
                                             'board meeting minutes, '
                                             'infrastructure plans, pipe '
                                             'distribution documents'},
 'date_detected': '2023-11-10',
 'date_publicly_disclosed': '2023-11-14',
 'description': 'A ransomware attack has crippled the IT systems of Alto '
                'Calore Servizi SpA, an Italian government-run company '
                'responsible for supplying drinking water to 125 '
                'municipalities across the Avellino and Benevento provinces in '
                'southern Italy. The attack rendered all databases and IT '
                'operations inoperable, preventing the company from performing '
                'routine queries or providing information. The Medusa '
                'ransomware group claimed responsibility and issued a '
                'seven-day ultimatum, offering options to extend the deadline '
                'or delete stolen data for a ransom.',
 'impact': {'data_compromised': 'Customer records, contracts, board meeting '
                                'minutes, infrastructure plans, pipe '
                                'distribution documents',
            'operational_impact': 'Inability to perform routine queries or '
                                  'provide information',
            'systems_affected': 'IT systems, databases'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain',
 'ransomware': {'data_encryption': 'Yes',
                'data_exfiltration': 'Yes',
                'ransom_demanded': '$100,000 (to delete data) or $10,000 (to '
                                   'extend deadline by one day)',
                'ransomware_strain': 'Medusa'},
 'references': [{'date_accessed': '2023-11-14',
                 'source': 'Cyber incident report'}],
 'threat_actor': 'Medusa ransomware group',
 'title': 'Ransomware Attack Disrupts Water Services for Nearly Half a Million '
          'in Southern Italy',
 'type': 'Ransomware'}