Cyber Incident Victim: Centro Basile

On or around June 9, 2023, the Italian healthcare diagnostics provider Centro Basile detected a security incident affecting one of its servers. The incident was the result of unauthorized access by hackers. The organization, a historic Neapolitan presidium in the field of private diagnostics that is affiliated with the local health authority (ASL), immediately undertook actions to remedy any system vulnerabilities. The primary goal of these initial measures was to limit the impacts on the company's operational capabilities and to prevent further damaging events to its infrastructure. In response to the illicit access, Centro Basile engaged external cybersecurity experts to provide support and assistance in managing the incident. The relevant authorities, including the Italian Postal Police, were promptly informed of the breach. The organization maintained constant contact with these authorities throughout the response period, and later publicly thanked the Postal Police for their efforts and the support demonstrated to the facility during this time.

As a direct security measure following the cyber attack, Centro Basile made the decision to temporarily shut down its official website, centrobasile.it, and all online services accessible through it. This action was taken to contain the threat and prevent any potential further exploitation of web-based systems. Despite the closure of these digital channels, the company ensured continuity of its core patient services. Operations continued at its physical centers, and the organization's call center remained operational to handle patient inquiries and needs. The attack caused significant operational slowdowns across the organization, impacting its normal workflow and service delivery, though the exact technical nature and full scope of the intrusion were not detailed in public communications.

Centro Basile committed to working actively to keep all stakeholders informed about the effects of the incident. The organization focused on providing timely updates and supporting interested parties in understanding the impact of the intrusion on their data. To facilitate direct communication with patients during the emergency, Centro Basile established a dedicated email address and activated a dedicated listening line. The provided contact information was a telephone number, 3293396580, and an email address, [email protected]. These channels were set up to ensure patients could still reach the organization for urgent needs despite the disruption to normal online services. The company reassured its patients that it was addressing the emergency with the utmost seriousness and commitment, aiming to limit inconveniences and remedy the situation with the greatest possible speed.

The incident represented another cyber attack targeting the Italian healthcare sector, highlighting the vulnerability of critical medical and diagnostic service providers to such disruptive events. The parent company, Cerba Health care, a French group that had acquired the Naples-based presidio years earlier, was involved through the provided emergency contact email domain. The public disclosure of the attack came via a press release issued by Cerba Health care in the days following the initial detection on June 9. The full extent of the data impact, including whether patient or employee information was accessed or exfiltrated, was not explicitly detailed in the available communications. The primary publicly acknowledged consequences were the operational slowdowns and the temporary cessation of online services through the company's website. The organization's repeated commitment to restoring all services as rapidly as possible indicated a significant effort was underway to recover from the attack and return to normal operational status. The engagement of specialized cybersecurity experts suggested a comprehensive investigation was conducted to understand the breach's root cause and to implement stronger defensive measures for the future.