Cybercrime,
Fraud Management & Cybercrime
Italian Foreign Minister Denounces Database Breach as a Threat to Democracy
Italy’s Foreign Minister, Antonio Tajani, has publicly denounced the actions of a private investigation company, Equalize, which is alleged to have illicitly accessed government databases to create unauthorized dossiers over several years. This incident has raised significant concerns about the integrity of democratic systems in Italy.
Current investigations led by Milan prosecutors have resulted in four individuals, including prominent figure Carmine Gallo, facing house arrest. Gallo, often referred to as a “super cop,” reportedly maintained secret documents and IT equipment in a garage associated with his secretary, while police investigations revealed further illicit operational infrastructure located in Lithuania.
The Equalize firm allegedly accessed data pertaining to over 800,000 individuals from critical police databases, including systems monitoring suspicious financial activities, tax records, and utility payments. Reports indicate that these breaches occurred between 2019 and March 2024, implicating a wide array of sensitive information.
Tajani emphasized the severity of these breaches, stating that they represent a profound violation of individual privacy, and labeled the actions “unacceptable.” The Foreign Minister’s condemnation highlights the broader implications such an intrusion may have on public trust and democratic governance. Analysts suggest that tactics likely employed in this incident may include initial access through social engineering or credential theft, followed by privilege escalation to access restricted databases.
Furthermore, prosecutors allege that Equalize enjoyed substantial backing from both national and overseas intelligence organizations, suggesting a complex web of collusion involving organized crime. The scale at which this operation was able to infiltrate sensitive governmental systems raises significant alarms over the effectiveness of existing cybersecurity measures in place.
The political imbroglio has led members from the opposition parties to call for a comprehensive parliamentary investigation to ascertain whether government officials were complicit in these illicit activities. As the inquiry unfolds, investigators are focusing on Nunzio Samuele Calamucci, identified as a key figure who reportedly implemented backdoors into police databases, potentially using tactics aligned with the MITRE ATT&CK framework such as command and control to manage the stolen data.
This high-profile case underscores the ongoing threats posed by cybercriminal activities, particularly in the context of public governance and privacy. In recent weeks, the scandal has garnered attention not only due to its targeting of key government databases but also because it coincides with previous incidents involving breaches within Italy’s banking sector, affecting highly sensitive information of state officials, including the Prime Minister herself.
