mobilita.gov.it

The organisation is known by the alias mobilita.gov.it. Its headquarters is located in Italy. The website uses the .gov.it top‑level domain, signalling its status as an Italian government entity. As a government‑run online service, it operates under the authority of the Italian state.

On 18 November 2016, the website was compromised by a hacker who exploited an SQL injection vulnerability. The attack exposed credentials and personal data belonging to roughly 45,000 users of the site. Approximately 9,000 of those records were subsequently made public by the attacker. The disclosure was intended to pressure the administrators into addressing the underlying security flaws. The attacker stated that he had previously attempted to contact the relevant authorities through other channels without receiving a response.

Security experts criticised the absence of an initial official reply to the attacker’s outreach attempts. Following the breach, the site’s administrators took the service offline temporarily to remediate the vulnerabilities. After completing the necessary fixes, the website was restored and returned to normal operation. The intrusion resembled other incidents carried out by the same threat actor against government portals in various countries. In contrast to some of those nations, Italian officials did not publicly acknowledge the hacker’s actions or attribute the breach to him. Furthermore, no formal updates or detailed reports regarding the compromise were issued by the Italian authorities after the incident.