Wind Tre Fined €1.7 Million for Major Data Breach Affecting 365,000 Customers

Wind Tre Fined €1.7 Million for Major Data Breach Affecting 365,000 Customers

First seen 17 Jul 2026, 21:52 UTC www.garanteprivacy.itwww.trameetech.it 72% similarity 69.0

Article Content

Browse articles
ThreatCluster

Wind Tre Spa has been fined €1,715,600 by the Garante per la protezione dei dati personali due to severe security deficiencies that led to two data breaches affecting over 365,000 customers. The breaches occurred when hackers impersonated technical support, gaining unauthorized access to the company's systems at retail locations. The first incident involved access to data of 23 customers, while the second allowed attackers to conduct approximately 2 million database queries, exposing personal and payment information of over 41,000 users. The Garante identified significant flaws in the management of access credentials and digital certificates, which facilitated the breaches. Wind Tre has since implemented corrective measures, including revoking compromised certificates and enhancing security protocols. The company is required to report back to the Garante within 30 days regarding compliance with the imposed measures.

Key Points: • Wind Tre fined €1.7 million for serious data security failures. • Over 365,000 customers affected, with sensitive payment data exposed. • Attackers used social engineering to gain unauthorized access to systems.

ThreatCluster AI

Timeline

2025-02-01
Wind Tre reports data breaches
The company notified the Garante about two data breaches that occurred at retail locations.
Garante per la protezione dei dati personali
2026-07-17
Garante fines Wind Tre
The Garante imposed a €1.7 million fine due to severe security deficiencies leading to data breaches.
Garante per la protezione dei dati personali
2026-07-17
Wind Tre implements corrective measures
Following the breaches, Wind Tre enhanced security protocols and revoked compromised certificates.
Trameetech

Community

Browse all →