MILAN (Reuters) -Italian asset manager Azimut said on Monday it had suffered a cyberattack that did not harm its customers’ sensitive data, and had received a ransom request which it rebuffed.
Israeli hacking monitoring start-up DarkFeed said the attack was carried out by BlackCat, the same ransomware group which in September stole large amounts of data from state-owned Italian energy services firm GSE.
Tel Aviv-based DarkFeed said on its website that Azimut had been hit on July 21, listing it as one of BlackCat’s 477 victims. Azimut had no immediate comment.
BlackCat, also known as ALPHV, emerged in late 2021 and is known for having launched sophisticated attacks on scores of companies across the U.S. and Europe.
“The attack did not affect data or information that might allow access to the personal position of clients and financial advisors or the execution of unauthorised transactions,” Azimut in a statement.
Californian cybersecurity firm Palo Alto also said BlackCat was behind the attack.
It said the hackers wrote on their leak site they had stolen more than 500GB (Gigabytes) of confidential data from Azimut, one of 23 organisations targeted in July alone.
Palo Alto Networks Unit 42 said that, based on its leak site tracking, BlackCat was the second most active multi-extortion ransomware group, after LockBit.
“We’ve seen a swath of industries [among its targets] from law firms, engineering firms, health care systems, manufacturing and more,” it said.
Azimut, which manages 85 billion euros in assets, of which just over half are in Italy, said it had detected an unauthorized access to its IT systems as part of its normal monitoring activity.
It had informed the relevant authorities and had run an internal safety procedure which “successfully limited the impact of the criminal action”, it said.
(Reporting by Elvira Pollina and Valentina Za, editing by Gavin Jones)