Cyber Incident Victim: Provincia di Milano
Date:
Feb 2018
Location:
Italy
Summary
A cyberattack attributed to the Anonplus collective, affiliated with Anonymous, compromised the website of a political party in Florence, causing operational disruption and the unauthorized publication of 2,653 files containing sensitive personal data of members, including contact details of high-profile individuals. The breach prompted law enforcement intervention leading to an arrest, with the suspect claiming the intrusion was motivated by testing system vulnerabilities rather than political objectives. The incident sparked cross-party criticism regarding inadequate cybersecurity measures and intensified debates about digital privacy risks during election periods, underscoring vulnerabilities in political organizations' data protection practices. It also highlighted broader concerns about large-scale cyber operations potentially undermining democratic processes.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On or around February 4, 2018, the international hacker collective Anonplus, affiliated with Anonymous, executed a cyberattack against the website of the Florence branch of Italy’s Partito Democratico (PD). The attackers compromised the site, rendering it inoperable, and exfiltrated 2,653 files containing sensitive personal data of party members. The leaked information included full names, physical addresses, landline numbers, mobile phone numbers, and other contact details of PD affiliates. Among the exposed individuals were high-profile figures such as PD Secretary Matteo Renzi, Treasurer Francesco Bonifazi, and Florence Mayor Dario Nardella. Anonplus publicly claimed responsibility for the breach via their Twitter account (@AnonPlus_Info), where they disseminated the stolen contact lists and details of the attack. The PD confirmed the incident, stating their website server required restoration and estimating a 48-hour recovery timeline. The timing proved particularly sensitive, occurring approximately one month before a critical electoral runoff period, amplifying concerns about disruption to political campaigns.
The breach triggered immediate operational and reputational consequences. The PD expressed grave concerns over the security lapse and potential misuse of members’ private information. Italy’s Postal Police responded by arresting a 26-year-old suspect from Veneto, identified by the pseudonym ‘Evariste Galois,’ who denied political motivations and claimed the attack was intended to test system vulnerabilities. The Five Star Movement (M5S) publicly criticized the PD’s cybersecurity measures while offering solidarity through a blog post. Broader political ramifications emerged, with Senate Vice President Rosa Maria Di Giorgi warning that such incidents threatened democratic stability and urging cross-party collaboration to bolster defenses. The attack reignited scrutiny of electronic data protection standards, prompting calls for heightened oversight by Italy’s Data Protection Authority (Garante della privacy). This incident mirrored prior cyber operations attributed to Anonymous-linked groups, including a 2013 breach targeting the Lega Nord party and its leader Matteo Salvini, underscoring recurring vulnerabilities in Italian political infrastructure.