Ransomware Disrupts Operations at Italian Water Management Company

May 22, 2023

INCIDENT

Alto Calore Servizi SpA, an Italian company that provides drinking water to nearly half a million people, is experiencing some technical disruptions following a ransomware attack. The company But on Friday, the company said a recent hack rendered all of their IT systems unusable.

The company runs the collection, supply and distribution of drinking water for 125 municipalities Avellino and Benevento β€” two provinces in southern Italy. The government-run company manages 58 million cubic meters of water a year and manages sewage and purification services for both provinces. β€œIt will not be possible to carry out any operations or provide information that requires querying the database,” the company said. The organization did not respond to requests for comment about whether customers are impacted by the incident, but it appears the distribution of water is not affected by the attack.

On Tuesday, the Medusa ransomware group took credit for the attack and said they were giving the water company seven days to pay a ransom. Medusa provided samples of the data it stole and, like with other victims, offered them several options: pay $10,000 to extend the ransom deadline one day or $100,000 to delete all of the data taken. The group said it took customer data, contracts, minutes from board meetings, reports, pipe distribution information, expansion documents and more.

The company did not respond to requests for comment about when systems may be restored or if a ransom would be paid.

Incident Date

April 28, 2023

Location

Italy

Estimated Cost

$100,000 ransom demand

Type of Malware

No Malware identified

Threat Source

No threat source identified