ASST Fatebenefratelli Sacco
| Primary URL | Location | Industry | www[.]asst-fbfsacco[.]it |
Country
Italy
|
Healthcare
|
|---|
Profile
ASST Fatebenefratelli Sacco, also known as Fatebenefratelli Sacco, is a healthcare provider headquartered in Milan, Italy.
The organisation operates hospital facilities that deliver emergency medical services to the local population.
In addition to emergency care, it provides inpatient treatment, outpatient consultations and a range of clinical specialties.
Core functions include the diagnosis, treatment and ongoing management of patients’ health conditions.
The provider is responsible for creating and maintaining electronic patient health records that support coordination among physicians, nurses and ancillary staff.
Ancillary services such as laboratory diagnostics, medical imaging and pharmacy dispensing are integrated into its care delivery model.
As part of the Italian healthcare system, ASST Fatebenefratelli Sacco adheres to national regulations governing patient safety and clinical quality.
Its primary mission is to ensure timely access to essential healthcare services for the community it serves.
A distinguishing characteristic of ASST Fatebenefratelli Sacco is its responsibility for safeguarding sensitive health information, including personal data of patients and employees.
On 1 May 2022 the organisation experienced a ransomware attack attributed to the Vice Society group.
The attack encrypted clinical folders and rendered patient data inaccessible, forcing medical staff to revert to manual record‑keeping.
Hospital operations, including emergency services, were disrupted during the incident, leading to extended downtime while recovery efforts proceeded.
The attackers exfiltrated a variety of confidential information, notably minors’ health records, employee personal data and internal organisational documents.
The exfiltration indicated a likely focus on shared file servers that stored aggregated clinical and administrative data.
Investigations revealed that the initial access credentials had been sold on criminal underground forums several months before the attack, suggesting the use of an access‑as‑a‑service model.
Authorities conducted an investigation into the breach, and the organisation’s recovery required a prolonged period of system restoration and security remediation.