Cyber Incident Victim: Prefecture of Naples
Date:
Nov 2019
Location:
Italy
Summary
Hacktivist groups Anonymous and LulzSecITA conducted cyber attacks targeting the Prefecture of Naples, professional orders, and a telecommunications provider, leaking sensitive documents including identification records, telephone data, and financial information. The breach, part of an annual protest highlighting security vulnerabilities and privacy concerns, resulted in the exposure of approximately 5.4 gigabytes of data. The attackers claimed their actions aimed to demonstrate inadequate security measures rather than committing fraud, emphasizing the failure of entities entrusted with protecting personal data.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On November 5, 2019, Italian hacktivist groups Anonymous Italia and LulzSecITA conducted coordinated cyber intrusions against multiple Italian organizations as part of the annual Million Mask March protest, also known as Operation Vendetta. The attacks coincided with Guy Fawkes Day, a date historically associated with Anonymous-led demonstrations against political corruption, surveillance, and institutional accountability. Among the confirmed targets was the Prefecture of Naples, though specific technical details regarding its compromise were not disclosed in available sources. Concurrently, LulzSecITA breached telecommunications provider Lyca Mobile’s Italian operations, exfiltrating approximately 5.4 gigabytes of sensitive customer and corporate data. Leaked documents included scanned identity cards, passports, driver’s licenses, telephone records, and credit card information. Evidence suggested unauthorized access to the email account lycamobile[at]lycamobile[.]it, potentially granting full control over the account, though the attackers claimed their objective was to expose security flaws rather than conduct financial fraud.
The incident resulted in the public dissemination of personally identifiable information (PII) belonging to Lyca Mobile customers and internal corporate documents, creating immediate privacy risks for affected individuals. Hacktivists justified the breaches as demonstrations of institutional and corporate failures in protecting citizen data, with Anonymous Italia explicitly criticizing entities for disregarding privacy laws they were mandated to enforce. No verifiable claims or evidence surfaced regarding the manipulation or deletion of Prefecture of Naples systems, though its inclusion among the named targets indicated a symbolic compromise aligned with the operation’s anti-establishment themes. Lyca Mobile’s breach represented the most quantifiable impact, with the data volume suggesting systemic extraction from company repositories. The groups did not issue ransom demands or destructive payloads, framing the intrusions as awareness-raising actions. No mitigation measures or responses from the Prefecture of Naples or Lyca Mobile were documented in the immediate aftermath within the available reporting period.