Cyber Incident Victim: Grandi Navi Veloci
Date:
Jun 2019
Location:
Italy
Summary
The provided article from Grandi Navi Veloci's website contains no information about a cybersecurity incident, data breach, or malicious attack. The content exclusively promotes ferry routes, onboard amenities, group travel offers, regional discounts, and fleet expansion announcements regarding new LNG-powered vessels. There is no reference to system compromises, unauthorized access, data exposure, ransomware events, or operational disruptions affecting GNV's infrastructure or services. The URL path "/avviso-attacco.html" (translated as "notice-attack.html") suggests a potential incident notification might have been intended, but the article body lacks any corroborating details or security-related disclosures. No technical or operational impacts are described in the available content.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On 23 September 2019, Grandi Navi Veloci (GNV) disclosed a cyber-attack targeting its online booking systems between 25 June and 18 July 2019. The breach was detected following reports of suspicious transactions from payment processors, prompting an investigation supported by independent professionals. Attackers gained unauthorized access to personal data of passengers, credit card holders, and individuals named in reservations made through www.gnv.it during the affected period. Compromised data included identification details, contact information, and payment card data used for ticket purchases. GNV characterized the intrusion as a sophisticated attack capable of bypassing high-level security measures, though the perpetrators remained unidentified. The company confirmed the breach exclusively impacted customers who transacted via its website within the specified 24-day window, with no evidence of compromise to other systems or offline reservations.
GNV notified the Italian Data Protection Authority of the incident and initiated containment measures, including replacing compromised infrastructure and enhancing continuous security monitoring systems. The company established a dedicated telephone helpline and email address ([email protected]) for affected customers, operating daily from 8 a.m. to 9 p.m. GNV directly contacted potentially impacted individuals, advising them to review payment card statements for fraudulent activity and consult their card issuers about protective measures. The investigation focused on determining the attack's full scope, implementing mitigations against future incidents, and assessing risks to affected parties. While validating the continued legitimacy of purchased tickets, GNV recommended that customers who provided third-party payment details during bookings inform those cardholders of the breach. The company emphasized ongoing coordination with financial institutions to implement additional safeguards and stated it was pursuing legal action against unidentified attackers.