Cyber Incident Victim: Union of Italian Retired Military Officials
Date:
Sep 2018
Location:
Italy
Summary
A hacking group affiliated with Anonymous, identified as LulzSec, breached the website of the Union of Italian Retired Military Officials, exposing members' residential addresses, email addresses, and membership identification numbers. The attackers framed the intrusion as a protest against perceived excessive defense expenditures amid public financial struggles, while also aiming to embarrass Italian institutions following a national call for improved cybersecurity defenses. Concurrently, the group compromised multiple trade union websites, exfiltrating and leaking sensitive data including donation records related to labor disputes and personal information of union officials. The incidents collectively highlighted institutional vulnerabilities to cyber intrusions, with LulzSec publicly mocking authorities' preparedness in mitigating such attacks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On September 17, 2018, the hacker collective LulzSec claimed responsibility for breaching the website of Unuci (Union of Italian Retired Military Officials) and leaking sensitive data belonging to retired military personnel. The attackers disclosed home addresses, email addresses, and Unuci membership card numbers of affected individuals. LulzSec announced the breach via Twitter, accompanied by the statement "Non sono i popoli a dover avere paura dei propri governi, ma i governi che devono avere paura dei propri popoli" ("It is not the people who should fear their governments, but governments that should fear their people"). The collective framed the attack as a protest against Italy's defense spending priorities during a period of civilian financial hardship, targeting a website reportedly managed by a retired military officer. This incident occurred shortly after September 13, when Italian President Sergio Mattarella had publicly emphasized the need to protect citizens from cyber threats, a statement that LulzSec referenced in justifying their actions as exposing institutional cybersecurity shortcomings.
The Unuci breach formed part of a broader targeting campaign against Italian institutions and labor organizations during September 2018. Five days prior on September 12, LulzSec had breached websites of the USB (Unione Sindacale di Base) and CISL (Confederazione Italiana Sindacati Lavoratori) unions, particularly those providing services through the Interior and Justice Ministries. The USB union suffered more extensive exposure, with leaked data including donation records supporting Ilva steelworkers and information about union representatives facing employment instability. This pattern followed Anonymous' November 2017 claims of compromising multiple ministry databases, though those assertions had been downplayed by National Police Chief Franco Gabrielli. The Unuci attack highlighted persistent vulnerabilities in organizations interfacing with government entities, compromising personal information of military veterans while demonstrating hacktivist capabilities to access and disseminate sensitive institutional data.