Cyber Incident Victim: Comune di Trezzano sul Naviglio
Date:
Jan 2022
Location:
Italy
Summary
The Comune di Trezzano sul Naviglio experienced a hacker attack targeting its systems, reported to authorities including the Postal Police and the Data Protection Authority. The intrusion caused damage to servers and equipment, necessitating significant restoration efforts and data recovery operations. No data loss or document leaks occurred, attributed to prior investments in cloud storage infrastructure that maintained service continuity despite minor delays. The municipality emphasized its systems' resilience, crediting ongoing technological upgrades aligned with national digital transition guidelines, and announced additional investments to further secure technical office operations while enhancing agility and data protection.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 10, 2022, the Municipality of Trezzano sul Naviglio experienced a confirmed cyberattack targeting its information systems. The attack compromised servers and machines, necessitating extensive data and document recovery efforts. Municipal officials promptly reported the incident to Italy’s Postal Police and notified the Data Protection Authority (Garante per la protezione dei dati personali) in compliance with regulatory obligations. While the attack caused technical damage to infrastructure, the administration confirmed no data exfiltration or permanent loss of documents occurred. Mayor Fabio Bottero attributed this resilience to prior investments in cloud-based storage solutions, which housed most municipal data externally and allowed services to remain operational despite disruptions. Minor delays in administrative functions were acknowledged, though critical citizen-facing services avoided full interruption. Restoration work involved recovering affected systems over an unspecified period following the attack, with no evidence suggesting ongoing adversary presence post-containment.
The incident underscored the municipality’s reliance on cloud infrastructure investments initiated during Bottero’s previous administration term, which minimized operational downtime and data loss risks. These preemptive measures aligned with the Italian Digital Agency (AGID) guidelines for public administration security standards. In response to the attack, Trezzano sul Naviglio announced additional investments to further secure technical office operations, emphasizing agility and data protection enhancements. The administration reiterated its commitment to cloud-based service qualification and infrastructure hardening, framing the attack as part of a broader trend targeting governmental entities. No specific threat actor, attack vector, or financial impact details were disclosed publicly. Post-recovery operations focused on restoring full system functionality without revising the previously established cloud migration strategy.