Cyber Incident Victim: Studio Legale Grande Stevens

On August 29, 2022, the Italian law firm Grande Stevens, specializing in commercial and corporate law with headquarters in Turin, suffered a cyberattack attributed to the BlackByte ransomware group. The attackers compromised the firm's IT infrastructure and exfiltrated sensitive data, including confidential legal case minutes, technical consultations, and internal directory listings. BlackByte subsequently published samples of the stolen documents on its dedicated data leak site (DLS) as proof of the breach. The compromised materials reportedly contained privileged client information and case-related documentation tied to the firm’s five-decade history of providing judicial and extrajudicial legal services. Grande Stevens, founded by Franzo Grande Stevens—a prominent Italian lawyer and honorary president of Juventus FC—had longstanding associations with high-profile clients, including the Agnelli family.

The attackers issued dual ransom demands: $160,000 for data deletion and $210,000 for exclusive purchase of the stolen information, purportedly to prevent its underground dissemination. BlackByte’s DLS post implied possession of additional unreleased data through directory listings. No public statements from Grande Stevens regarding incident response, data recovery, or ransom negotiations were documented in the source material. The breach exposed legally sensitive materials, risking client confidentiality and operational integrity. Cybersecurity outlet RedHotCyber (RHC) monitored developments but reported no substantive updates or victim statements post-incident. BlackByte’s operational tactics aligned with typical ransomware-as-a-service (RaaS) models, leveraging encryption and extortion, though the article did not specify whether systems were encrypted or solely breached for data theft. The incident underscored the targeting of legal sector entities housing high-value intellectual property and client data.