Massive Data Breach in Italian Archives Exposes Vulnerability of State Systems

Criminal Network Exploits Sensitive Databases to Compromise National Security and Democracy

Italian prosecutors in Milan have revealed an investigation into unauthorized access to some of the country’s most sensitive archives, describing the breach as “a threat to the nation’s democracy.” A criminal network allegedly gained illegal access to state databases containing highly sensitive personal, judicial, and financial information on Italian citizens. Far from mere media hyperbole, the breach involved data that could be exploited to manipulate political decisions or influence corporate actions, posing a serious risk to national security.

Four individuals are under house arrest, and over 60 people are implicated in this data espionage scheme. According to investigators, these individuals illegally gathered sensitive information, later selling it or using it for political or business leverage. The company at the center of the scandal, Equalize, allegedly offered espionage services to a range of clients, revealing a vast, illicit network of information exchange. Investigators highlighted critical vulnerabilities in the protective measures surrounding these databases, noting that the breach exposed both systemic and cybersecurity weaknesses within the government’s data infrastructure.

Among the databases accessed was the SDI (Sistema di Indagine), a police archive established in 1981 to store all public safety data, including records of arrests, complaints, passports, and arms ownership. Access to the SDI is strictly regulated, with law enforcement officers required to use personal passwords and document their reasons for access. However, court documents show that 52,811 unauthorized entries were made into the SDI, with 108,805 additional breaches of judicial and administrative records, including confidential documents from the AISI, Italy’s intelligence agency.

The illicit access appears to have been facilitated by both inside assistance and a cyber attack. Several law enforcement officers are under investigation, accused of providing unauthorized access on behalf of Equalize. The accused include personnel from various Italian police agencies, who, according to prosecutors, used their positions to breach SDI systems. Investigators also uncovered evidence of a Remote Access Trojan (RAT), a hacking tool that enables complete control over a compromised computer. Prosecutors allege Equalize technicians planted this Trojan in the Ministry of Interior’s network, modifying it to evade cybersecurity checks.

Equalize’s reach extended beyond SDI to other crucial databases, including the Suspicious Activity Reports (SOS) database, managed by the Bank of Italy. The SOS system is used to flag potential money laundering and terrorist financing. Additionally, they accessed the Serpico database from the Italian Revenue Agency, containing taxpayer records, and the ANPR, Italy’s national registry of residents. These breaches underscore the ease with which sensitive government records can be compromised and sold or used for illicit purposes.

This case has highlighted severe gaps in the security of Italy’s national information systems, raising questions about the adequacy of current safeguards. As Italian authorities seek to prevent further infiltration, the incident has sparked national concern about the state’s ability to protect its citizens’ data.