Azienda Trasporti e Mobilità di Ancona e Provincia

ATMA, also known as Azienda Trasporti e Mobilità di Ancona e Provincia, operates as a transport and mobility company in the Ancona province of Italy. Its core activity involves providing public transportation services to residents and visitors within the region. The organisation enables users to purchase mobility tickets through various channels, including a dedicated mobile application. This mobile application is developed and maintained by MyCicero S.r.l., which acts as ATMA’s official app provider. Through the app, commuters can access timetables, plan journeys, and buy tickets for local transit services. ATMA’s services are intended to support integrated mobility solutions across the urban and suburban areas of Ancona and its surrounding territory.

On March 30, 2025, a cybersecurity incident was reported affecting MyCicero S.r.l.’s servers, which host ATMA’s mobile application. The breach resulted from an external cyberattack that compromised certain personal data stored on those servers. Exposed information included users’ names, email addresses, phone numbers, and details of purchased mobility tickets. Importantly, login credentials, passwords, and payment card details were not accessed or disclosed in the incident. The exposed data could potentially be used for phishing attempts, unsolicited communications, or fraudulent activities targeting affected individuals. In response, MyCicero S.r.l. isolated the affected systems, performed a thorough infrastructure analysis, implemented remediation measures, and strengthened its security controls. Additionally, a dedicated support channel was established to assist users with inquiries and provide guidance on protective steps. ATMA communicated the incident to its users through an official notice, advising vigilance and outlining the steps taken to mitigate the risk.