Cyber Incident Victim: Comune di Rivoli
Date:
Jan 2022
Location:
Italy
Summary
A cyberattack targeted the municipal administration of Rivoli, blocking all employee computers and rendering file icons inaccessible, forcing systems to be shut down to prevent further spread. Critical services including civil registry and population records were disrupted, preventing document issuance due to inaccessible databases. The mayor confirmed reporting the incident to postal police and privacy authorities, acknowledging unknown perpetrators with no ransom demands. Technicians are working to restore operations but cannot estimate recovery time, while temporary measures allow partial employee productivity. The incident is expected to incur significant recovery costs, diverting funds from community support initiatives.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 20, 2022, around midday, the municipal computer systems of Comune di Rivoli in Italy suffered a cyberattack. Employees observed file icons becoming obscured and inaccessible, prompting immediate action. By 14:00 that day, all municipal computers were rendered inoperable. Mayor Andrea Tragaioli confirmed the attack originated from unknown actors, with no immediate claims of responsibility or ransom demands detected. The municipality filed formal reports with the Postal Police and Italy’s Data Protection Authority (Garante della privacy), with administrative director Daniele Ciancetta leading the incident response. As a containment measure, all employees were instructed to power down their computers to prevent further propagation of the malware.
The attack disrupted all services requiring access to digital archives, including civil registry, population records, and document issuance. Municipal operations remained partially paralyzed for at least two days, with technicians unable to estimate a restoration timeline. Temporary workarounds enabled limited employee productivity, but full operational capacity was not restored during the initial reporting period. Mayor Tragaioli publicly acknowledged significant financial costs for system recovery, diverting funds from community support programs. Service interruptions caused widespread inconvenience to citizens seeking administrative documents. No data exfiltration or specific attacker motives were disclosed in available reports.