Cybercrime group RansomHouse claims to have compromised eight Italian districts. The group has published 2.1 TB of exfiltrated data from the IT infrastructures of the union of Tuscan municipalities, in the metropolitan city of Florence.
It appears that the Windows Domain Controller has been breached and the administrative accounts of the union network workstations were probably used. RansomHouse created several folders, among which is a “GDPR” folder. This contains identity documents, health cards, "green passes" (COVID-19 vaccination certificates), tender documents, internal regulations, scans of fines, bank documents and other sensitive information.
In the published message, RansomHouse announced a new wave of attacks against government structures in Italy, citing weaknesses like the presence of passwords such as '12345678' for critical resources that store sensitive data.
The Active Protection included in Acronis Cyber Protect Cloud detects and blocks ransomware, and while the Advanced Data Loss Prevention pack monitors your data movement and prevents exfiltration, helping you to maintain compliance with security regulations.