Email.it

Email.it operates as an Italian email service provider, offering email hosting and related communication services to a user base primarily located in Italy. The platform's core functions include managing email accounts, storing user-generated content such as messages and attachments, and supporting auxiliary features like security verification through SMS messages. Its operational infrastructure involved web applications developed in-house, with the company maintaining control over backend systems and customer databases. The organization served at least 600,000 registered users prior to its 2018 breach, indicating a substantial regional footprint within Italy's digital communication sector. Security practices notably included storing authentication credentials in unencrypted plaintext format alongside security question responses, a critical vulnerability later exploited by threat actors.

A 2018 cyberattack compromised Email.it's systems, resulting in the theft of 46 databases containing comprehensive user records. Network intruders exfiltrated emails, file attachments, SMS message archives, and sensitive account details including unprotected passwords. The attackers—claiming affiliation with the NN Hacking Group—accessed and extracted proprietary source code for the company's web applications, escalating the incident beyond a conventional data breach to include intellectual property loss. After Email.it declined ransom demands, the hackers marketed the stolen datasets on underground forums, exposing hundreds of thousands of Italian users to potential identity theft and fraud. This incident underscored systemic security deficiencies in the company's data handling protocols while demonstrating adversaries' ability to penetrate critical infrastructure layers.