Cyber Incident Victim: Piano Nazionale di Ripresa e Resilienza

On 1 March2025 the Comune di San Lucido URP published a notice on its Facebook page informing citizens that the municipal website, which had been developed under measure 1.4.1 of the Piano Nazionale di Ripresa e Resilienza titled 'Esperienza del Cittadino nei servizi pubblici', had been subjected to a cyber attack. The notice specified that the attack had targeted the WordPress plugins used on the site. These plugins had been prepared by the Designers Italia team and subsequently released by AGID and the Team per la Trasformazione Digitale. According to the post, the malicious activity was first detected at 09:00 on Thursday 27 March 2025. The announcement did not disclose any further details about the threat actor or the specific techniques employed.

In response to the detection, the municipality initiated sanitization procedures and commenced extraordinary, non‑scheduled maintenance on the web servers hosting the site. The stated purpose of these actions was to increase the level of protection associated with the site’s security measures and to safeguard citizens’ data and information. The post included an apology for any service disruptions caused by the ongoing work. The administration also indicated that it remained available to provide further updates should additional information become available. The notice concluded with a reminder that the intervention was necessary to raise the overall security posture of the online service.