Cyber Incident Victim: Cooperativa Sociale Liberi Sogni
Date:
Feb 2023
Location:
Italy
Summary
A cyberattack targeting Cooperativa Sociale Liberi Sogni disrupted its website and Facebook page, rendering both inaccessible for an extended period. While the website was eventually restored, the organization's social media presence remained compromised, prompting the cooperative to issue a public notification acknowledging a malware-related breach and apologizing for service interruptions. Stakeholders were advised to use alternative email and phone contacts for communication during the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 9, 2023, Cooperativa Sociale Liberi Sogni, a social cooperative based in Calolziocorte, experienced a cyberattack targeting its digital infrastructure. The organization's website became infected with malware, rendering it inaccessible for an extended period. Simultaneously, the cooperative’s official Facebook page, "Liberi Sogni," ceased to be publicly viewable, indicating a coordinated disruption of their primary online communication channels. Cooperative leadership detected the compromise and formally acknowledged the incident through an email circulated to media outlets and partner organizations that afternoon. In this communication, they explicitly stated both systems were “under malware attack” and confirmed their inability to maintain normal online operations. While partial restoration occurred relatively quickly for the website, the Facebook page remained non-functional at the time of their public notification, creating an asymmetric recovery timeline across the compromised platforms.
The attack disrupted standard service workflows, forcing the cooperative to implement contingency measures for public inquiries. They disseminated alternative contact methods—including a dedicated phone number (388 199 6072) and a primary email address ([email protected])—to maintain basic communication throughput. For queries specifically related to their residential tent-based summer camps, they established a separate email contact ([email protected]), reflecting an effort to segment operational recovery by service line. Public statements emphasized apologies for disruptions while affirming ongoing efforts to fully restore both the website and social media presence. No explicit details regarding the attack’s origin, intrusion methods beyond the confirmed malware component, or data compromise were disclosed in the available reporting. The cooperative’s response prioritized service restoration and transparent stakeholder notification through traditional media channels amid the sustained Facebook outage.