Our company’s engineers have stopped an attack by hackers on the data centre in Venaria Reale, near Turin. The hackers had launched ransomware, a program able to prevent access to the data on the infected servers, intending to demand payment to make all the encrypted information accessible again. At about 5 pm on Tuesday 9 March, our security monitoring systems reported a suspicious and repeating anomaly on several important processes.
The security task force, as required by the protocols of our Disaster Recovery Plan in accordance with ISO27001 requirements, took immediate action and started the necessary checks on the servers hosting the main databases, confirming the existence of a hacker attack in progress. At that moment, all containment actions started.
In particular, the servers were immediately shut down and all internal and external connectivity lines were isolated, in order to protect the machines and prevent the spread of the computer virus. As a result, a complaint was filed with the Postal Police and, at the same time, a report was sent to the Privacy Authority, although there was no evidence of any deletion, copying or extraction of personal data.
Thanks to the professional intervention of our technicians, less than 10% of our servers were contaminated. In the hours that followed, we worked to clean up and restore the systems, and last night the clean-up was completed, which had the effect of limiting and confining the effects of the attack, making the company safe from any blackmail attempts, and restoring operations in a reasonable timeframe. Customer services are now available and running, allowing a progressive return to normality. In the next few hours there may still be slight delays in updating information, due to the accumulation of “online” data and the technical time required for updating and processing by our systems.
