Cyber Incident Victim: FourB S.p.A.
Date:
Sep 2022
Location:
Italy
Summary
Vodafone Italy notified customers of a data breach involving reseller FourB S.p.A., following a cyberattack that compromised sensitive subscriber information including identity documents, contact details, and subscription records, though account passwords and network traffic data remained unaffected. The telecommunications company warned of heightened phishing risks, while the reseller secured breached systems to prevent recurrence. Separately, a hacker group claimed responsibility for an attack around the same timeframe, offering alleged stolen Vodafone data for sale, though no confirmed connection to this incident was established.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In early September 2022, FourB S.p.A., a commercial reseller of Vodafone Italia telecommunications services, experienced a cyberattack compromising sensitive customer data. The breach occurred during the first week of September, though the exact intrusion method and initial detection timeline remain unspecified in public disclosures. Attackers accessed subscription details, identity documents containing sensitive personal information, and customer contact details stored on FourB's systems. Vodafone Italia confirmed no account credentials, passwords, or network traffic metadata were exposed in the incident. The telecommunications provider began issuing breach notifications to affected customers on November 2, 2022, over two months after the attack, warning of heightened phishing and scam risks due to the exposure of identifiable information. FourB terminated unauthorized access to its compromised servers following the attack but did not publicly disclose when containment measures were fully implemented.
Vodafone's notification emphasized FourB's implementation of enhanced security protocols post-breach to prevent recurrence, though technical specifics of these measures were not detailed. Separately, on September 3, 2022, the hacker group KelvinSecurity claimed responsibility for an attack on Vodafone Italia, advertising approximately 295,000 files totaling 310 GB of allegedly stolen data for sale on hacker forums. No verifiable evidence linked KelvinSecurity's claim to the FourB breach, and neither Vodafone nor FourB confirmed any association between the two incidents. The data breach exclusively impacted FourB's infrastructure as a third-party reseller, with Vodafone's core systems remaining unaffected. Customer notifications advised vigilance against social engineering attempts but did not report observable misuse of the stolen data at the time of disclosure. FourB's operational adjustments focused on server access controls without public discussion of forensic findings or attacker attribution.