web analytics

Breach of Italian Prime Minister’s Bank Info Under Scrutiny – Source: www.databreachtoday.com

breach-of-italian-prime-minister’s-bank-info-under-scrutiny-–-source:-wwwdatabreachtoday.com
Rate this post

Source: www.databreachtoday.com – Author:

Finance & Banking , Governance & Risk Management , Industry Specific

Data Regulator Likely Reviewing Insider Threat Case at Intesa Sanpaolo Bank Akshaya Asokan (asokan_akshaya) • October 15, 2024    

Breach of Italian Prime Minister’s Bank Info Under Scrutiny
An Intesa Sanpaolo branch (Image: flickr)

Intesa Sanpaolo bank of Italy this week told the country’s data regulator that an employee – who has since been fired – accessed sensitive banking details of the Italian prime minister, other top politicians and more than 3,500 customers over the past two years.

See Also: Live Webinar | Maximizing Security Investments Part 2: Uncovering Hidden Budget and Optimizing Cybersecurity Spend

Intesa Sanpaolo, Italy’s largest bank, said it detected the breach in July 2024. An internal investigation revealed Vincenzo Coviello, a former employee at the bank’s Bisceglie branch, accessed sensitive information of the customers more than 6,000 times between February 2022 to April 2024. Among the victims are Prime Minister Giorgia Meloni and her family.

The bank said it notified the data regulator and filed a complaint as an injured party with the Public Prosecutor’s Office in the Italian town of Bari.

“Our internal control system identified the individual, after which we notified the Italian Data Protection Authority, and dismissed the disloyal employee. We confirm that there was no cybersecurity issue,” the bank said in a statement.

The bank did not disclose the type of data exposed in the breach. The Italian Data Protection Authority did not immediately respond to a request for comment. Under the General Data Protection Regulation, any company violating the privacy rule could face a fine of up to 20 million euros, or 4% of the firm’s worldwide annual revenue.

In addition to Meloni and her sister, the former Intesa employee accessed the data of other Italian high-profile leaders including former Prime Ministers Mario Draghi, Enrico Letta and Matteo Renzi, as well as former Italian defense minister Guido Crosetto.

As part of the investigation launched by the Bari Public Prosecutor’s Office, the Italian authorities confiscated smartphones, tablets and other devices from Coviello. He has been charged with abusive access to computer systems and attempting to damage the security of the state. Appearing before the court last week, Coviello said he did not download any information or share the data accessed.

The Italian media outlet ANSA reported that the bank first confronted Coviello on July 4 with a disciplinary letter warning him that abusive access to customer accounts could “cause significant damage to the bank’s reputation and assets.” The bank fired Coviello on Aug. 8.

Original Post url: https://www.databreachtoday.com/breach-italian-prime-ministers-bank-info-under-scrutiny-a-26533

Category & Tags: –

Views: 0

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Nathalie Cole
How Much 10 Companies Paid Their Virtual CISO Service in 2022 Benchmark by Nathaniel Cole
How Much 10 Companies Paid...
Tushar Subhra Dutta
Top 10 Cyber Attack Maps to See Digital Threats 2022 by Tushar Subhra Dutta – Cyber Security News.
Top 10 Cyber Attack Maps...
Microsoft
Microsoft Zero Trust Maturity Model
Microsoft Zero Trust Maturity Model
US Deparment of Defense
DevSecOps Fundamentals Guidebook – Tools & Activities by American Deparment of Defense
DevSecOps Fundamentals Guidebook – Tools...
Microsoft
Microsoft 365 and the NIST Cybersecurity Framework
Microsoft 365 and the NIST...
ACSC Australia
Cyber Incident Response Plan Template by ACSC & Australian Goverment
Cyber Incident Response Plan Template...
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...

LASTEST PUBLISHED POSTS

CYZEA.IO
Enterprise Information Security
Enterprise Information Security
IGNITE Technologies
ENCRYPTED REVERSE
ENCRYPTED REVERSE
Federal Office for Information Security
El estado de la seguridad informática en Alemania en 2023
El estado de la seguridad...
Microsoft
GDPR & Generative AI
GDPR & Generative AI
European Union Agency for Fundamental Rights
GDPR IN PRACTICE
GDPR IN PRACTICE
FS.ISAC
Navigating Cyber
Navigating Cyber
KPMG
Fraud risk management
Fraud risk management
CYFIRMA
Fletchen Stealer
Fletchen Stealer
IGNITE Technologies
FILE TRANSFER CHEAT SHEET
FILE TRANSFER CHEAT SHEET
Securesee
CYBER CRISIS INVESTIGATION AND MANAGEMENT
CYBER CRISIS INVESTIGATION AND MANAGEMENT
ACN
Guidelines for secure AI system development
Guidelines for secure AI system...
Incibe
Ciberseguridad en Smart Toys
Ciberseguridad en Smart Toys

More Latest Published Posts

Kaspersky
Incident Response Playbook: Dark Web Breaches
Incident Response Playbook: Dark Web Breaches
ninjaOne
Endpoint Hardening Checklist
Endpoint Hardening Checklist
HADESS
Important Active Directory Attribute
Important Active Directory Attribute
ISA GLOBAL CYBERSECURITY ALLIANCE
IIoT System Implementation and Certification Based on ISA/IEC 62443 Standards
IIoT System Implementation and Certification Based on ISA/IEC 62443 Standards
Rajneesh Gupta
IAM Security CHECKLIST
IAM Security CHECKLIST
sqrrl
Hunt Evil
Hunt Evil
Searchinform
How to protect personal data and comply with regulations
How to protect personal data and comply with regulations
Giuseppe Manco
Threat Intelligence Platforms
Threat Intelligence Platforms
CSA Cloud Security Alliance
Hardware Security Module(HSM) as a Service
Hardware Security Module(HSM) as a Service
IGNITE Technologies
CREDENTIAL DUMPING FAKE SERVICES
CREDENTIAL DUMPING FAKE SERVICES
IGNITE Technologies
A Detailed Guide on Covenant
A Detailed Guide on Covenant
NIST
Computer Security Incident Handling Guide
Computer Security Incident Handling Guide
IGNITE Technologies
DIGITAL FORENSIC FTK IMAGER
DIGITAL FORENSIC FTK IMAGER
Accedere
Cloud Security Assessment
Cloud Security Assessment
YL VENTURES
CISO Reporting Landscape 2024
CISO Reporting Landscape 2024
CISO Edition
Reporting Cyber Risk to Boards
Reporting Cyber Risk to Boards
CIOB
CIOB Artificial Intelligence (AI) Playbook 2024
CIOB Artificial Intelligence (AI) Playbook 2024
INCIBE & SPAIN GOVERNMENT
Nuevas normativas de 2024 de ciberseguridad para vehículos
Nuevas normativas de 2024 de ciberseguridad para vehículos
INNOVERY
RESILIENCIA
RESILIENCIA
CEH
Certifications Preparation Guide
Certifications Preparation Guide
Sandhya Kaushik
Checklist for Securing Your Android Apps
Checklist for Securing Your Android Apps
aDvens
May Cyber Threat Intelligence monthly report
May Cyber Threat Intelligence monthly report
Insikt Group
Caught in the Net
Caught in the Net
IGNITE Technologies
BURP SUITE FOR PENTESTER TURBO INTRUDER
BURP SUITE FOR PENTESTER TURBO INTRUDER
SYED ABUTHAHIR
BUG BOUNTY AUTOMATION WITH PYTHON
BUG BOUNTY AUTOMATION WITH PYTHON
Foresiet
Brand Impersonation Attacks
Brand Impersonation Attacks
Google Cloud
Board of Directors Handbook for Cloud Risk Governance
Board of Directors Handbook for Cloud Risk Governance
ISACA
Blueprint for Ransomware Defense
Blueprint for Ransomware Defense