Last December 27th the company InfoCertwhich among other things is one of the main Italian identity providers SPID (Public Digital Identity System), was the victim of a serious cyber attack that called into question the security of its systems. The hackers stole and in part published online personal data belonging to millions of usersincluding phone numbers, email addresses and other sensitive information. According to what he reports The Republicthrough the attack «approximately 5.5 million records, 1.1 million phone numbers and 2.5 million email addresses were allegedly exfiltrated». The attack was officially confirmed by the company through an official note, in which InfoCert assured that the access credentials to its services were not compromised.
Stolen data on sale for $1,500 on the dark web
The attack in question, claimed on online forums and specialized social networks by the criminals who perpetrated it, led to the partial publication of the stolen data as “proof” of the authenticity of these statements. The cyber criminals who hacked the InfoCert database have put the stolen data up for sale at the modest price of $1,500a relatively low price when considering the quantity and potential sensitivity of the information exfiltrated. This aspect highlights a worrying accessibility for anyone who wants to acquire such data.
The company, in an official statement, specified that the attack did not actually compromise its systems, but affected a third party supplier whose data were stored in the InfoCert databases. Investigations are underway to fully understand the extent of the accident, and the case has been reported to the competent authorities. InfoCert has promised to update its customers as soon as further details emerge on the nefarious affair.
In its press release, InfoCert also specified that «no access credentials to InfoCert services and/or passwords to access them were compromised in this attack». Since in these cases you can never be too careful, however, we still suggest that you do so change the password to access the InfoCert services that you may use.
How serious is the situation
On It is still too early to say how serious the situation isgiven that we will have to wait for in-depth investigations by InfoCert technicians and, above all, those of the competent authorities before making a real count of the damage. The incident certainly represents an important fact, which should not be taken lightly. The stolen data, in fact, can be sold on the Dark Web, the part of the Internet accessible only through specific software (such as Tor), or used to carry out further attacks, such as phishing or identity theft. All this can represent a real risk for users whose information is included in the data exfiltration perpetrated on December 27th.