Third-party hack purportedly led to massive Italian railway operator data theft

Italian state-owned railway operator FS Italiane Group had 2.3 TB of data pilfered and exposed following a purported attack against its leading Italian multinational IT service management firm Almaviva, BleepingComputer reports.

Included in the leaked data trove were documents from the third quarter of this year, such as internal shares, contracts, accounting information, technical files, and multi-company repositories, as well as information from FS Italiane Group's other companies, according to D3Lab Cyber Threat Intelligence Head Andrea Draghetti.

"The structure of the dump, organized into compressed archives by department/company, is fully consistent with the modus operandi of ransomware groups and data brokers active in 20242025," Draghetti added.

While FS Italiane Group has yet to acknowledge the third-party breach, Almaviva confirmed that certain data had been stolen following a cybersecurity incident, which has since been contained. Investigation into the attack, which has already been reported to authorities, is still underway, noted Almaviva.