Federica Bigardi reports that Zambon , an Italian pharmaceutical firm, suffered a cyber attack (translation):
The attack was identified and quickly isolated from Zambon’s information systems, which as a precautionary measure suspended activities at the Vicenza plant employing 217 people.
Production was stopped for 5 days while the IT department investigated and resolved the attack without further incident.
Read more on Sicurezza.net.
DataBreaches.net notes that the threat actors behind the attack are the group known as Babuk, and they claim to have exfiltrated about 10 GB of data from zambongroup.com (which redirects to zambon.com).
“Hello, we have been inside your network for about 7 months and have made complete replicas of your servers, we strongly recommend that you contact us. otherwise, this data will go to the public.”
Some data has already been publicly dumped.