Cyber Incident Victim: Gruppo Dolomiti energia
Date:
Feb 2022
Location:
Italy
Summary
Gruppo Dolomiti energia experienced a cyberattack by external actors that disrupted certain IT platforms, though service delivery and plant safety remained unaffected. The company promptly implemented containment measures with cybersecurity experts to mitigate the incident's spread and protect potentially involved parties, while notifying relevant law enforcement and data protection authorities. Initial investigations found no evidence of business or personal data exfiltration. Restoration efforts prioritized operational recovery while ensuring security protocols, with commitments to provide further updates transparently as the situation evolved.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around February 1, 2022, Gruppo Dolomiti Energia detected a cybersecurity incident involving unauthorized external actors compromising its information systems. The attack disrupted several of the company’s IT platforms, rendering them temporarily unavailable. The group emphasized that core service delivery operations and the safety of its physical infrastructure remained unaffected throughout the incident. Upon discovery, the organization implemented immediate containment measures to limit the attack’s operational impact and prevent further propagation across its network. A dedicated team of cybersecurity experts was engaged to assist in managing the incident and safeguarding potentially affected stakeholders. Preliminary assessments conducted during the initial response phase found no indications of compromised business operations or physical assets.
Gruppo Dolomiti Energia proactively notified Italy’s Postal Police and relevant data protection authorities about the breach as part of its compliance protocols. Ongoing forensic investigations at the time of their public statement had not yet identified evidence of data exfiltration involving business records or personal information. The company prioritized restoring full operational capacity while maintaining stringent security controls throughout the recovery process. Regular updates were pledged to stakeholders in alignment with the organization’s transparency policies, though no specific timeline for full restoration was disclosed. Internal and external cybersecurity resources remained focused on system remediation and verifying the absence of persistent threats.