Italian Telecom Operator Fined $2M Over Data Breach

Italy's data protection authority has fined telecoms operator WINDTRE €1.7 million (~$2 million) for "serious shortcomings" in its data security systems, following two unauthorized breaches that exposed personal information belonging to more than 365,000 customers. Compromised data included personal and contact details, with payment information — partially obscured credit card numbers, expiration dates, and bank account details — affecting 41,359 customers. A very similar pattern to this incident was recently used by the Silent Ransom Group against U.S. law firms and by ShinyHunters affiliates against SaaS-connected enterprises.

The regulator found WINDTRE had failed to adequately monitor access credentials and manage digital certificates, and that its own security checks missed vulnerabilities more thorough assessments would have caught. GDPR enforcement makes the downstream cost concrete: fines, mandated remediation, and public findings that name specific control failures.

Reducing this exposure requires visibility that spans identity events, endpoint activity, and network behavior — not just perimeter controls. Effective controls include behavioral analytics on credential use and privilege escalation, baselining of access to customer databases by role and location, DNS and TLS metadata analysis to catch outbound activity to attacker infrastructure, and packet-level capture with long retention for forensic scoping. Unified platforms like NIKSUN — which consolidate visibility of the network, endpoints, cloud, applications, hardware infrastructure, threat intelligence, and more into a single data lake with AI-driven analytics and forensics — give telecom and enterprise security teams the cross-domain context needed to catch social-engineering-driven credential abuse in progress, quantify customer impact quickly, and produce the evidence regulators demand under GDPR and equivalent frameworks. Read more about this story on our LinkedIn page

We use cookies to offer you a better browsing experience and to analyze site traffic. By using our site, you consent to our use of cookies.

Essential Cookies
Site Analytics