Cyber Incident Victim: Geox
Date: Jun 2020
Location: Italy
Summary
An Italian footwear company experienced a ransomware attack that crippled headquarters systems for two days, disrupting logistics, e-commerce, and corporate email operations. The incident forced temporary employee furloughs while technicians worked to restore systems and eradicate the malware, though online order fulfillment and partner communications continued despite the compromise. This marked the organization's second cybersecurity incident within months, following a prior collaboration with postal police to dismantle a fraudulent impersonation website targeting customers. The company had maintained an established cybersecurity partnership with law enforcement for two years prior to these events.
Description
On or around June 15, 2020, Italian footwear manufacturer Geox suffered a ransomware attack that crippled operations at its Montebelluna headquarters for two consecutive days. The attack deployed malware that encrypted data on infected machines, rendering systems inoperable without a decryption key typically offered by attackers in exchange for ransom payments. Critical business functions—including logistics operations, e-commerce platforms, and corporate email systems—were paralyzed. This disruption forced Geox to temporarily suspend onsite work and send employees home while internal technical teams focused on restoring systems and eradicating the ransomware. Despite the severe operational impact, the company maintained partial functionality by continuing to process online orders and preserve communications with retailers, customers, and suppliers throughout the incident.

This marked Geox's second cybersecurity incident within six months, following a May 2020 operation where the company collaborated with Italy's Postal Police to dismantle Geoxoutlet.online, a fraudulent website impersonating an official outlet store to sell non-existent products. The ransomware attack occurred amid Geox's established two-year cybersecurity partnership with law enforcement agencies, reflecting prior organizational recognition of digital threats. Technical response teams worked intensively to restore headquarters operations, though the article does not specify whether ransom demands were issued or paid. No data exfiltration or secondary impacts beyond operational disruption were reported. The incident underscored persistent vulnerabilities in corporate infrastructure despite proactive security measures and interagency cooperation.
