Cyber Incident Victim: Ho Mobile
Date: Dec 2020
Location: Italy
Summary
Ho-Mobile, an Italian telecommunications provider owned by Vodafone Italy, experienced a significant data breach involving the alleged theft and sale of personal information from approximately 2.5 million customer accounts. The compromised data included sensitive personally identifiable details such as names, dates of birth, physical and email addresses, phone numbers, and fiscal codes, which were reportedly offered for sale on a dark web forum. The company stated it had no evidence confirming a security incident but initiated an investigation into the claims. The incident raised concerns about potential misuse of customer information and highlighted vulnerabilities in the provider's data protection measures.
Description
In December 2020, Ho-Mobile, an Italian telecommunications provider owned by Vodafone Italy, faced reports that a database containing approximately 2.5 million customer accounts had been stolen and offered for sale on a dark web hacker forum. The compromised data allegedly included extensive personally identifiable information such as customers' dates of birth, phone numbers, fiscal codes (Italy’s tax identification numbers), physical addresses, and email addresses. The breach announcement surfaced publicly through cybersecurity news outlet HackRead, which detailed the dark web marketplace listing. At the time of reporting, the threat actor claimed possession of the full database and actively marketed its sale, though no specific ransom demands or extortion attempts were explicitly mentioned in the available information. The scale of the incident placed it among significant data exposures affecting Italian telecommunications customers that year.

Ho-Mobile issued a public response acknowledging awareness of the allegations but stated they had no evidence confirming any security breach or cyberattack against their systems. The company emphasized it had initiated an internal investigation to verify the claims and assess potential impacts. No technical details regarding the intrusion method, such as exploitation vectors or duration of unauthorized access, were disclosed by either the attackers or the company. The incident exposed affected customers to heightened risks of identity theft, financial fraud, and phishing campaigns due to the sensitivity of the fiscal codes and contact information involved. No follow-up disclosures about remediation efforts, customer notifications, or regulatory filings were included in the immediate public reporting following the initial announcement.
