ROME (Reuters) – Unknown hackers gained access to thousands of Italian certified email accounts, including those of magistrates and security officials, in a major cyber attack earlier this month, a senior official said on Monday.
Certified emails guarantee the validity of a sender’s identity, as well as the date and time of sending and receiving the email, giving them a clear legal status.
“This was the worst attack we have had since January this year and it has had important repercussions, but … the situation is under control,” said Roberto Baldoni, who is in charge of state cyber security.
That attack was launched on Nov. 12 and targeted a server near Rome which handles certified email accounts for the public administration.
Hackers could have accessed data from around 500,000 accounts, including those of some 9,000 magistrates as well as members of a top inter-governmental security agency.
It was not clear if the accounts of any ministers, spy chiefs or military bigwigs had been breached.
“The only thing we know for sure is that this attack was not launched from Italy,” Baldoni told a news conference.
As a result of the cyber assault, the IT system used by Italy’s appeals courts was suspended and Baldoni urged Italians with certified email accounts to change their passwords immediately.
“It was a serious attack, even if, at first sight, it didn’t seem too refined from a technical perspective,” Baldoni said.