ServizioContenuto basato su fatti, osservati e verificati dal reporter in modo diretto o riportati da fonti verificate e attendibili.Scopri di più
Cybersecurity

Hackers against external provider Infocert: users' personal data stolen. The company: "Spid, signature and Pec data not compromised".

The company admits a breach of its databases, but reassures: no sensitive information is at risk

articolo aggiornato il 30 dicembre 2024 alle ore 16,30

2' min read

2' min read

An external provider of Infocert, one of the main Spid digital identity providers in our country, has suffered a serious cyber attack that may have compromised the personal data of many of its customers. This was announced by the company itself, which made the news public on its official website, where the company confirmed that some data had been stolen from its databases and, in part, published online.

According to anonymous statements that appeared on various web platforms, the attackers purloined approximately 5.5 million registrations, 1.1 million telephone numbers, and 2.5 million email addresses. Some of this data was shared as evidence by the hackers to lure potential buyers.

Loading...

Despite the severity of the attack, Infocert reassured customers by stating that 'no Infocert service access credentials or passwords were compromised'. The company added that "all appropriate investigations" are underway and that further details will be provided in the coming days.

The incident occurred on 27 December and was claimed online the following day.

Infocert is one of the largest Italian and European companies in the digital certification sector, with a presence in Europe and Latin America through 19 offices. The company is known for its digital signature, certified e-mail and digital identity services, including the Public Digital Identity System (Spid).

Loading...

Part of the Italian Tinexta group, which specialises in digitalisation and IT security, Infocert has around 10 million customers and a turnover of EUR 137 million in 2022. It currently manages 1.8 million active Spid and 64 million annual logins through its digital identity services. The company also collaborates in the development of the European digital wallet.

This incident underlines once again how crucial it is to strengthen IT security measures to protect users' personal data, especially in a context where digital identity is increasingly central.

Infocert: Spid, signature and Pec data not compromised

"We reiterate that the security and functioning of the SPID, digital signature and PEC services, as well as all other InfoCert services, have never been compromised by the illicit data theft that has affected the systems of an external provider, which manages a customer care platform used by our Customer Care". Thus InfoCert's clarification in a note.

"The data concerned are limited to those needed to process support requests sent by customers via the ticketing system".

"We can therefore confirm," the note continues, "that, to date, contrary to what has been reported by some unofficial online sources, the operability, security and integrity of InfoCert's services has not been compromised in any way.

"As we have already informed you, on 27 December last, we promptly detected that some information relating to our customers had been made available on a platform dedicated to the buying and selling of abusively acquired data. In cooperation with our supplier, we immediately put in place all technical measures to verify the event and protect our users by containing the illegal activity."

"Technical analyses are still underway," InfoCert concludes, "which we are carrying out with the utmost thoroughness and together with our supplier; at the same time, we are proceeding with the appropriate complaints and notifications to the competent authorities. We will obviously continue to monitor the situation with the utmost attention and provide timely updates to our customers"..

Copyright reserved ©
Loading...

Brand connect

Loading...

I prossimi eventi

Tutti gli eventi

Newsletter

Notizie e approfondimenti sugli avvenimenti politici, economici e finanziari.

Iscriviti