A multi-year hacking scandal in Italy led to the exposure of sensitive personal data of high-profile individuals, including Italian President Sergio Mattarella and former Prime Minister Matteo Renzi.Â
The breach, reportedly orchestrated by the private investigations firm Equalize, involved unauthorized access to a national security database, compromising potentially hundreds of thousands of individuals' information.
The hacking operation, ongoing for at least five years, was allegedly led by former police officer Carmine Gallo and Enrico Pazzali, president of Italian trade conference firm Fondazione Fiera Milano. They, along with two others—Nunzio Samuele Calamucci and Massimiliano Camponovo—have been charged and placed under house arrest.
According to reports, the hackers accessed data by bribing law enforcement officers, planting remote access trojans (RATs), and infiltrating personnel responsible for maintaining the Interior Ministry's computer systems.
The scope of their activities extended beyond mere data breaches. The hackers are accused of selling data to clients and engaging in blackmail, amassing over €3.1 million from the operation.Â
Wiretaps revealed that Calamucci boasted of possessing 800,000 files and 15TB of data from police databases, including records of suspicious financial activity and private bank transactions.
The scandal has sent shockwaves through Italy, with victims including former Milan Mayor Letizia Moratti, AC Milan Chairman Paolo Scaroni, and journalists from major newspapers, among others. The exposed data was reportedly used for extortion purposes, with Judge Fabrizio Filice noting that the suspects "had the whole country in its hands."
The revelations have sparked calls for a thorough investigation into the Interior Ministry's security protocols. Cleanup operations and task forces have been launched, but experts anticipate that legal and cybersecurity investigations will take time to fully unravel the intricacies of the breach.
In addition to the main suspects, several individuals are under investigation for their alleged involvement with Equalize. These include Leonardo Maria Del Vecchio, heir to the Luxottica eyewear fortune, and former Lehman Brothers banker Matteo Arpe. Both have denied any wrongdoing.
The energy group Eni, identified as a client of Equalize for investigative purposes, asserts that it has not suffered any breaches of its computer systems, according to Reuters. Eni has publicly distanced itself from any illicit activities conducted by Equalize, emphasizing its lack of awareness of the firm's criminal undertakings.
As the investigations continue, the full extent of the damage to Italy's political and corporate spheres remains to be seen.
This month, the Intesa Sanpaolo bank informed Italy’s authorities about the recent data breach caused by a former company employee. Thousands of customers’ account details were reportedly affected, including some high-profile figures such as Prime Minister Giorgia Meloni and former Prime Minister Mario Draghi.