Cyber Incident Victim: ASST-Rhodense

On June 6, 2024, ASST Rhodense, a healthcare organization in Lombardy, Italy, experienced a disruptive cyberattack that began during the previous night. The attack caused significant operational disruptions, rendering the organization’s information systems inoperable ("sistemi informatici in tilt"). The perpetrators issued a ransom demand to the healthcare provider, though the specific demands or payment mechanisms were not disclosed. The incident exclusively impacted ASST Rhodense’s infrastructure at the time of reporting, with no confirmed collateral damage to external regional systems. Hospitals under ASST Rhodense’s jurisdiction serve a population of approximately 483,000 residents across their operational territory, amplifying concerns about potential disruptions to patient care and administrative functions. No further technical specifics regarding the attack vector, malware type, or data compromise were verified in the available reporting.

In response, the Lombardy Region activated its regional cybersecurity task force and engaged Aria, an entity referenced in context but not explicitly defined in the source material. Concurrently, Italy’s National Cybersecurity Agency was alerted and deployed a specialized team to assist ASST Rhodense with recovery efforts. Investigators had not yet determined whether the threat actors responsible for this attack were connected to a late May 2024 ransomware incident targeting Synlab Italia, a separate healthcare diagnostics provider. The incident remained under active investigation with no public confirmation of system restoration timelines or whether ransom negotiations occurred. Operational continuity challenges persisted across ASST Rhodense’s healthcare facilities due to the unresolved system outages.