Prosecutors in Milan have uncovered a network of hackers and former law enforcement officials accused of using malware and insider contacts to break into several government databases, including the Interior Ministry.

The group allegedly accessed over 800,000 confidential records, even targeting accounts linked to the president’s office.

“No state governed by the rule of law can tolerate this,” Prime Minister Giorgia Meloni commented on the investigation.

The investigation, led by Milan’s anti-mafia prosecutor Francesco De Tommasi, reveals links between the alleged criminal association and high-ranking officials in various sectors, including organised crime and Italian and foreign intelligence services.

In the documents, the prosecutors describe the group as a “danger to democracy” and a “gang that can hold institutions in its grip”.

The documents show that members of the organisation often boasted of their ability to interfere in criminal investigations and legal proceedings and sold their reports to their “top clients”, who were very high-profile people in Italy.

Prosecutors said on Saturday that the operation was allegedly led by private investigation firm Equalize and structured in a “cluster format”, with each participant having contacts in law enforcement and other public bodies allegedly exploited to gain illegal access to information.

In intercepted calls between Nunzio Calamucci, an alleged key operative in the network and associate of Equalize’s CEO, and former senior police officer Carmine Gallo, Calamucci warns of the risks of attaching official documents such as bank statements and police records to reports, saying that “these attachments inevitably attract attention”.

One major revelation concerns the alleged infiltration of the Home Office’s data centre. In an October 2022 wiretap, Calamucci claimed that their access was based on a two-pronged strategy: a ‘RAT’ virus inserted into the ministry’s servers and the placement of trusted insiders within the data centre’s maintenance team.

“We have a huge advantage with this setup for the time being, although that won’t last forever,” Calamucci reportedly said in the intercepted calls, suggesting a race to download as much information as possible before the breach was discovered.

“We’ve got four and a half years’ worth of data lead,” he reportedly added.

Another significant breach may involve the office of Italian President Sergio Mattarella. A wiretapped conversation from October 2022 shows Calamucci telling Gallo that he had “accessed or cloned” an email address belonging to Mattarella.

He noted an apparent warning from a contact to use an “untraceable printer” to print sensitive documents and expressed concern that the cloned account might attract unwanted attention.

The seized hard drives allegedly contained extensive police database records – known as SDI data – and were found to contain up to 15 terabytes of classified information, according to prosecutors.

In a January phone call with Gallo, Calamucci reportedly boasted of having “800,000 SDI records” and spoke of plans to organise or transfer “six to seven million USB sticks” containing large amounts of sensitive data.

Meloni, in excerpts from journalist Bruno Vespa’s book published on Sunday, said that no state based on the rule of law could tolerate the illegal collection of files.

Meanwhile, the Bari Public Prosecutor’s Office has opened an investigation against a former Intesa Sanpaolo employee accused of unauthorised access to the bank accounts of VIP customers on almost 7,000 occasions.

Among those allegedly targeted are Meloni herself, Senate President Ignazio La Russa, Meloni’s sister Arianna – chief of staff for Meloni’s Fratelli d’Italia party – and two government ministers.

“Regarding the dossiers, I expect the judiciary to investigate fully,” stressed Meloni.

“In the best-case scenario, this was a system of blackmail and extortion, but in the worst case, we are dealing with the crime of subversion,” she added.

(Alessia Peretti | Euractiv.it)