{
	"id": "d48394d3-7670-4278-869b-6ea26ff0d655",
	"created_at": "2026-04-06T00:22:31.535096Z",
	"updated_at": "2026-04-10T03:21:35.687013Z",
	"deleted_at": null,
	"sha1_hash": "fda5ab4ede6a41159a677b4eaa8b767c62db207e",
	"title": "LockBit claims ransomware attack on Italian tax agency",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1689608,
	"plain_text": "LockBit claims ransomware attack on Italian tax agency\r\nBy Sergiu Gatlan\r\nPublished: 2022-07-26 · Archived: 2026-04-05 19:42:12 UTC\r\nItalian authorities are investigating claims made by the LockBit ransomware gang that they breached the network of the\r\nItalian Internal Revenue Service (L'Agenzia delle Entrate).\r\nLockBit claims they stole 100 GB of data (including company documents, scans, financial reports, and contracts) that will\r\nbe leaked online if the Italian tax agency doesn't pay a ransom demand until August 1st.\r\nThe Italian revenue agency shared an official statement on its website regarding \"the alleged theft of data from the tax\r\ninformation system,\" saying that it requested more info from Sogei (Società Generale d'Informatica) SpA, a Ministry of\r\nEconomy and Finance public company that manages the financial administration's technological infrastructure.\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-italian-tax-agency/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-italian-tax-agency/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\n\"From the technical investigations carried out, Sogei excludes that a cyber attack on the Agency's website may have\r\noccurred,\" the agency said.\r\nSogei SpA also manages IT infrastructure used by other Italian agencies, including the Ministries of Justice, Interior, and\r\nEducation, the State Attorney General, and the Department of the Treasury.\r\nA Sogei spokesperson told BleepingComputer that \"there are no cyber attacks on the financial administration's technological\r\nplatforms and infrastructures,\" adding that \"it is not possible to provide further details as investigations are ongoing.\"\r\nImage: BleepingComputer\r\nThe company also shared an official statement on its website saying it found no evidence of a cyberattack impacting the\r\nItalian revenue agency.\r\n\"With regard to the alleged cyber attack on the tax information system, Sogei spa informs that from the first analyzes carried\r\nout, no cyber attacks have occurred nor have data been stolen from platforms and technological infrastructures of the\r\nFinancial Administration,\" the public company said Monday [PDF].\r\n\"From the technical investigations carried out, Sogei, therefore, excludes that a cyber attack on the site of the Revenue\r\nAgency.\"\r\nSogei SpA added that it's currently collaborating and supporting an ongoing joint investigation coordinated by the Italian\r\nNational Cybersecurity Agency and the Postal Police.\r\nThe LockBit ransomware gang first surfaced in September 2019 as a ransomware-as-a-service (RaaS) and relaunched as the\r\nLockBit 2.0 RaaS in June 2021 after ransomware groups were banned from posting on cybercrime forums [1, 2].\r\nIn February, the FBI released a flash alert with indicators of compromise associated with LockBit ransomware attacks\r\n(accounting for 40% of all known ransomware attacks in May 2022), asking organizations targeted by this RaaS' affiliates to\r\nreport any incidents urgently.\r\nLast month, LockBit released 'LockBit 3.0,' introducing the first ransomware bug bounty program, new extortion tactics, and\r\nZcash cryptocurrency payment options.\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-italian-tax-agency/\r\nPage 3 of 4\n\nUpdate July 26, 11:33 EDT: Added a Sogei SpA statement to BleepingComputer.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-italian-tax-agency/\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-italian-tax-agency/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/lockbit-claims-ransomware-attack-on-italian-tax-agency/"
	],
	"report_names": [
		"lockbit-claims-ransomware-attack-on-italian-tax-agency"
	],
	"threat_actors": [],
	"ts_created_at": 1775434951,
	"ts_updated_at": 1775791295,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/fda5ab4ede6a41159a677b4eaa8b767c62db207e.pdf",
		"text": "https://archive.orkl.eu/fda5ab4ede6a41159a677b4eaa8b767c62db207e.txt",
		"img": "https://archive.orkl.eu/fda5ab4ede6a41159a677b4eaa8b767c62db207e.jpg"
	}
}