So who hacked who? This week news from a Cyber attack at the expense oftax authorities. Attack claimed by the prolific hacker group lock bit. “Pay us or disclose more than 70GB of stolen material online.” The most classic screens.
Yet something was wrong. Despite the hackers’ claims, Sogei and the Revenue Agency initially denied that the servers had been compromised. A statement that was then repeated:
Referring to the news that appeared on social media and was picked up by some press bodies about the alleged theft of data from the tax information system, the Tax Office specifies that it has immediately requested feedback and clarification from Sogei Spa, a publicly traded company wholly owned by the Ministry. of Economics and Finance, which manages the technological infrastructures of the financial administration. Sogei has ruled out the possibility of a computer attack on the Agency’s website from the technical investigations carried out
the statement of the holding states that it deals with the IT services of the Revenue Agency and several other entities of the PA and the government.
Another press release, this time by Studio Teruzzi Commercialisti Gesis srl. The confusion would depend solely on the fact that the material stolen from the professional company had the head of the desk.
With regard to the articles published in some media this week regarding an alleged hacker blackmail attempt at the tax authorities, we can only note the following at this point. The data published in these articles, to our knowledge, does not come from Revenue Agency servers, but from one of our servers that was the subject of a recent hacker intrusion attempt aimed at encrypting our files and data exfiltration, using relative ransom note.
This attempt was unsuccessful because our backup and anti-intrusion systems have avoided any data loss and minimized the exfiltration of data, which is under investigation, from those present on our servers. In particular, about 7% of the data would have been exfiltrated.
Lockbit would have failed this time, according to what the accountants of the firm Teruzzi had stated. The press release continues:
Of this part, about 90% would be databases of old versions of management tools and therefore unusable. There were therefore no significant consequences for our and our customers’ activities. The parties directly involved, including the competent authorities, have been informed.
We are unable to release any further information at this time in order not to hinder the ongoing investigation.
Source: Lega Nerd