Breach of Italian Prime Minister’s Financial institution Information Beneath Scrutiny

Intesa Sanpaolo financial institution of Italy this week advised the nation’s knowledge regulator that an worker – who has since been fired – accessed delicate banking particulars of the Italian prime minister, different high politicians and greater than 3,500 clients over the previous two years.

See Additionally: Live Webinar | Maximizing Security Investments Part 2: Uncovering Hidden Budget and Optimizing Cybersecurity Spend

Intesa Sanpaolo, Italy’s largest financial institution, mentioned it detected the breach in July 2024. An inside investigation revealed Vincenzo Coviello, a former worker on the financial institution’s Bisceglie department, accessed delicate data of the purchasers greater than 6,000 occasions between February 2022 to April 2024. Among the many victims are Prime Minister Giorgia Meloni and her household.

The financial institution mentioned it notified the info regulator and filed a grievance as an injured get together with the Public Prosecutor’s Workplace within the Italian city of Bari.

“Our inside management system recognized the person, after which we notified the Italian Information Safety Authority, and dismissed the disloyal worker. We verify that there was no cybersecurity problem,” the financial institution mentioned in a statement.

The financial institution didn’t disclose the kind of knowledge uncovered within the breach. The Italian Information Safety Authority didn’t instantly reply to a request for remark. Beneath the Normal Information Safety Regulation, any firm violating the privateness rule may face a wonderful of as much as 20 million euros, or 4% of the agency’s worldwide annual income.

Along with Meloni and her sister, the previous Intesa worker accessed the info of different Italian high-profile leaders together with former prime ministers Mario Draghi, Enrico Letta and Matteo Renzi, in addition to former Italian protection minister Guido Crosetto.

As a part of the investigation launched by the Bari Public Prosecutor’s Workplace, the Italian authorities confiscated smartphones, tablets and different units from Coviello. He has been charged with abusive entry to pc programs and trying to break the safety of the state. Showing earlier than the courtroom final week, Coviello mentioned he didn’t obtain any data or share the info accessed.

The Italian media outlet ANSA reported that the financial institution first confronted Coviello on July 4 with a disciplinary letter warning him that abusive entry to buyer accounts may be “trigger vital harm to the financial institution’s repute and belongings.” The financial institution fired Coviello on Aug. 8.