Cyber Incident Victim: Bavelloni SpA

On December 23, 2022, the LockBit 3.0 ransomware group publicly claimed responsibility for a cyberattack targeting Italian glass machinery manufacturer Bavelloni SpA. The attackers initiated a 9-day countdown for data publication, setting a deadline of January 2, 2023, at 08:38 UTC for the victim to meet their demands. LockBit exfiltrated approximately 200 GB of sensitive company data during the breach, including financial records, customer and supplier contracts, intellectual property, and technological process documentation. The group offered three payment options through their ransomware note: $299,999 for complete data deletion, $1,000 per day to extend the countdown timer, or an unspecified amount to download the stolen information. No information regarding Bavelloni's payment decisions or negotiation status was disclosed in available reporting. The attackers explicitly threatened to publish the entire dataset on their leak site if their demands remained unmet by the deadline.

Bavelloni SpA, founded in 1946, operates as a historic Italian manufacturing brand specializing in glass processing machinery, with all production occurring domestically. The compromised data contained proprietary technical information central to the company's operations and competitive positioning in the glass machinery sector. LockBit's theft of financial documentation and contractual agreements exposed Bavelloni to potential operational disruptions, reputational damage, and compliance risks stemming from the exposure of confidential business relationships. The incident timeline shows no public disclosure of containment measures, forensic investigations, or system restoration efforts undertaken by Bavelloni as of the article's publication date. Industry monitoring sources indicated ongoing observation of the situation for potential data leaks following the expiration of the ransom deadline.