Hackers may have gained access to the email accounts of some 9,000 magistrates and members of a top inter-governmental security agency in Italy Reuters have reported.
The compromise is the result of a breach that took place on the 12th of November when an attack targeted a server near Rome which handles certified email accounts for the public administration.
Certified email is a type of email that guarantees the authenticity of the sender’s identity, with the certification being done by a neutral third-party. The date and time of sending and receiving the email are saved as well. The process gives emails legal status. A certified email has the same legal validity as a certified mail.
The hack, which was announced by a senior official on Monday, was described as the “the worst attack we have had since January this year” by Roberto Baldoni, the Vice Director General of the Information Security Department leading the National Cybersecurity Architecture.
The frequency of attacks that was implied in that statement doesn’t speak volumes of the security of those servers, but Baldoni did emphasize that the “the situation is under control.”
All we know is that the hack had compromised around 500,000 accounts belonging to magistrates and security officials. It is still unclear, however, if the accounts of ministers, spy chiefs, or high ranking military men or women were exposed.
What Baldoni says he knows for sure was that “this attack was not launched from Italy.” He also stressed that the attack was sophisticated “even if, at first sight, it didn’t seem too refined from a technical perspective.”
Speaking at a news conference, Baldoni urged Italians that have certified email accounts to update their passwords. Following the assault, the IT system of Italy’s appeals courts was suspended.