Cyber Incident Victim: Italian Democratic Party
Date: Oct 2019
Location: Italy
Summary
Anonymous Italia breached multiple regional websites associated with the Italian Democratic Party through SQL injection attacks, exploiting obsolete technologies and inadequate security testing. The compromise exposed 220 private databases containing member information, phone numbers, email addresses, and transaction records ranging between 1,500 and 3,000 euros. Third-party entities linked to the party—including Antherica (a web solutions provider), Cna Servizio Estero, Alpiq, and Società Cattolica—also had employee data leaked, though no credentials appeared in plaintext. The attackers published extracted data via Privatebin, impacting individuals and businesses connected to the organization. Affected websites were subsequently restored to operational status.
Description
In October 2019, Anonymous Italia breached eight websites affiliated with the Italian Democratic Party (PD), specifically targeting regional chapters in Emilia Romagna (including Rimini, Parma, Reggio Emilia, Piacenza, and Cesena), Empoli, and the Giovani Democratici (Young Democrats) of Emilia Romagna. The attackers exploited a SQL injection vulnerability through the index.html?idpg= parameter, gaining unauthorized access to the hosting server. This access allowed extraction of 220 private and corporate databases from the web infrastructure. Security expert Pawel Zorzan Urban attributed the breach to obsolete website technologies and the absence of cybersecurity penetration testing. The attackers subsequently published database dumps on Privatebin, a pastebin-style service, exposing internal party records without encrypting or redacting sensitive information.

The leaked data included personal details of PD members such as names, telephone numbers, and email addresses, alongside transactional records ranging between €1,500 and €3,000. Third-party organizations linked to the PD were also impacted, with Antherica—a web solutions provider—having employee data exposed. Additional compromised entities included Cna Servizio Estero srl, Alpiq, and Società Cattolica di Reggio Emilia, whose email addresses appeared in the published databases. Notably, user credentials remained protected as passwords were not stored in plain text. The PD restored all breached websites to operational status following the incident, though the public disclosure permanently exposed the extracted personal and financial data.
