Techtimes
WINDTRE Fined €1.7 Million for Data Breaches Exposing 365,000 Customers
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
WINDTRE S.p.A. was fined €1.7 million by Italy's data protection authority due to two significant data breaches that exposed the personal information of over 365,000 customers. The breaches occurred in February 2025 when hackers impersonated technical support staff and gained unauthorized access to the company's internal customer database. The attackers executed approximately 2 million queries, retrieving sensitive data including names, addresses, and partially obscured payment information. The investigation revealed that WINDTRE failed to manage access credentials properly and did not have adequate security checks in place to detect the breaches. The regulator has mandated improvements in WINDTRE's cybersecurity protocols and credential management. This incident highlights the vulnerabilities of social engineering attacks in bypassing security measures without the need for malware.
Key Points: • WINDTRE fined €1.7 million for serious data security shortcomings. • Over 365,000 customer records were exposed due to social engineering attacks. • Regulator found inadequate management of access credentials and security checks.