Cyber Incident Victim: Movimento 5 Stelle
Date:
Aug 2017
Location:
Italy
Summary
The 5-Star Movement experienced a significant cybersecurity incident when hackers breached its Rousseau online platform, compromising member and donor data while disrupting internal democratic processes. Pre-election attacks targeted the system's vulnerabilities, hampering leadership voting through extended technical failures and alleged ballot manipulation. Security experts condemned the platform's outdated infrastructure and inadequate protections, noting its rudimentary design created multiple exploit opportunities. These breaches undermined confidence in the group's internet-based governance model, raising concerns about data security and procedural transparency. The managing consultancy's limited resources exacerbated challenges in addressing systemic weaknesses, threatening both operational credibility and membership growth ahead of critical elections.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In August 2017, anonymous hackers infiltrated the Rousseau online platform operated by Italy’s 5-Star Movement, compromising sensitive data related to members and donors. The Rousseau system, central to the party’s internet-based direct democracy model, served as the primary tool for members to vote on policies and select representatives. Founded in 2009 by Gianroberto Casaleggio, the movement promoted web-based governance as an alternative to traditional representative democracy. The breach exposed vulnerabilities in the platform’s security infrastructure, raising concerns about the integrity of the movement’s digital operations ahead of Italy’s parliamentary elections. Casaleggio Associati, the Milan-based web consultancy firm managing Rousseau and led by Gianroberto’s son Davide, acknowledged the incident but provided no detailed public disclosure of the attack’s scope or the specific data exfiltrated. The timing was critical, as the 5-Star Movement led opinion polls and positioned itself as a contender to win the upcoming national election.
A subsequent attack disrupted the online election for the movement’s new leader in September 2017, occurring despite Casaleggio Associati’s assurances of enhanced security measures. Hackers targeted the voting process, causing widespread login failures and connectivity issues that forced two deadline extensions. Only 37,000 of the movement’s 140,000 registered members successfully cast ballots. A hacker publicly released screenshots demonstrating the ability to cast multiple votes using compromised member accounts, further undermining confidence in the system’s reliability. Security experts, including former Casaleggio Associati employee David Puente and cybersecurity specialist Umberto Rapetto, criticized Rousseau’s outdated architecture and "totally inadequate" defenses, noting multiple exploitable weaknesses. The firm’s limited resources—fewer than 20 employees and under €1 million in 2016 revenue—contrasted with the scale of the security challenges. Movement leader Luigi Di Maio dismissed the issues as growing pains of a "startup," but the incidents amplified scrutiny of the platform’s transparency, particularly regarding voter anonymity and independent vote verification. The breaches highlighted systemic risks to the party’s digital governance model during a pivotal electoral period.