Cyber Incident Victim: Mobilità di Marca

Between March 29 and March 30, 2025, the mobile ticketing provider MY CICERO informed Mobilità di Marca that a personal data breach had occurred as a result of malicious activity conducted by unidentified external actors on the provider’s servers. The breach led to the temporary inaccessibility of the system while verification and security actions were carried out. This interruption caused users to experience malfunctions or slowdowns in the Mobilità di Marca app during the preceding days. The provider subsequently confirmed that, on April 4, 2025, an unauthorized exfiltration of data to a remote cloud had taken place.

The data potentially exposed include personal information such as name, surname, gender, date of birth, place of birth, and tax code, as well as contact details comprising postal or email addresses and fixed or mobile phone numbers. The provider explicitly stated that banking data were not involved in the incident. In response, the provider implemented measures to contain the breach and attenuate its effects, and additionally adopted technical and organizational safeguards intended to prevent similar incidents from recurring. Mobilità di Marca has remained in continuous contact with the provider to monitor the outcome of the investigations and to undertake any further actions necessary to mitigate possible consequences. Mobilità di Marca expressed regret over the event and made available the email address [email protected] for users seeking support or information related to the breach. The organization indicated that it will continue to provide useful updates as the situation evolves. No further details about the attackers, their motives, or the exact volume of data transferred have been disclosed in the available source.