Cyber Incident Victim: SIAE

On November 2, 2018, the Italian Society of Authors and Publishers (SIAE) suffered a cyberattack perpetrated by the hacker collective Anonplus. The group compromised SIAE's website (siae.it) shortly before midnight, defacing the homepage by replacing it with their logo. Anonplus publicly claimed responsibility via a Twitter post, asserting they had exfiltrated a substantial volume of documents related to SIAE's operations. The attackers exploited a known vulnerability in the Drupal content management system underpinning SIAE's web infrastructure, which security analysts noted had remained unpatched since its initial disclosure in 2016. This unaddressed vulnerability provided the entry point for unauthorized server access.

The breach resulted in the theft of approximately 4GB of data containing sensitive personal information belonging to SIAE members, including full names, email addresses, plaintext passwords, mobile phone numbers, and bank account IBANs. Independent cybersecurity analysts contradicted SIAE's initial statement denying the theft of sensitive data, confirming the compromised dataset's legitimacy and exposure risk. Experts Edoardo Limone and Dario Buonocore validated the data's composition, while researcher Valerio Mulas documented Anonplus's operational history, linking them to prior attacks against Italian political entities including Matteo Salvini's Telegram chats, media outlets like Il Giornale, and technology firms Norton Antivirus and Symantec. SIAE acknowledged the website compromise and implemented continuous monitoring to detect further intrusion attempts, though the organization maintained no critical data was breached despite external corroboration of the data theft's scope. The incident highlighted systemic security failures due to unpatched software, exposing members' financial and identity information to potential misuse.