Cyber Incident Victim: Comune di Turate
Date:
Mar 2023
Location:
Italy
Summary
A cyberattack targeting an Italian municipality compromised its IT systems, leading to significant disruptions in digital services including email and certified electronic mail (PEC). Specialized technicians are working to restore functionality, with electronic communication channels expected to resume within days, prompting temporary reliance on telephone contacts. The unauthorized database breach prompted formal notification to data protection authorities, with plans to file a complaint with the Postal Police. The administration characterized the incident as a criminal act of force majeure that circumvented existing security measures, noting it aligns with recent periodic waves of attacks against national institutional websites. Service restoration efforts are prioritized while maintaining operational continuity through alternative channels.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around March 10, 2023, the municipal administration of Comune di Turate in Lombardy, Italy, suffered a cyberattack that caused significant disruption to its information systems. The breach involved unauthorized and fraudulent access to the municipality’s databases, compromising operational functionality. The administration characterized the incident as a "criminal force majeure event," acknowledging that the attack succeeded despite existing preventive security measures. Technical specialists and relevant authorities immediately initiated recovery efforts to restore system functionality. The data controller formally notified Italy’s Data Protection Authority (Garante) of the breach, confirming the illicit access to sensitive municipal data. Initial assessments indicated the attack disrupted electronic communication channels, including email and certified email (PEC) services, forcing staff to rely temporarily on internal telephone lines for public communication. Officials emphasized the attack’s non-isolated nature, linking it to periodic waves of cyber intrusions targeting Italian institutional websites in preceding months, though no specific threat actor group or attack vector was disclosed.
The Comune di Turate prioritized restoring digital services, projecting that email and PEC systems would resume normal operations within days. Law enforcement authorities, specifically the Postal Police (Polizia Postale), were alerted to investigate the breach, with the municipality preparing to file a formal criminal complaint. Municipal communications stressed the incident’s gravity while assuring citizens of a structured response to mitigate further exposure. Recovery teams focused on reactivating critical telematics infrastructure to minimize public service interruptions. Historical context revealed Turate’s administrative systems had not previously faced publicly documented cyber incidents of comparable scale. The incident underscored systemic vulnerabilities affecting local government entities amid increasingly frequent targeting of public sector infrastructure across Italy. Restoration efforts proceeded without detailed public disclosure of technical forensic findings or data exfiltration scope, with operational continuity prioritized alongside regulatory compliance obligations.