We have informed the Italian Data Protection Authority of the violation. Furthermore, in order to resolve the incident and prevent similar events from taking place in the future, the company has identified and substituted the instruments that were the subject of the sophisticated attack and have consequently adapted the systems of continuous monitoring and protection of security. We are also in contact with the credit institutions in order that they may assess the implementation of further measures for your protection.
Detailed and in-depth enquiries have promptly been set up with regards to the dynamics of the attack, in order to:
• understand the extent of the breach of security and the nature of the data violated;
• duly implement suitable technical, operative and organisational measures aimed at mitigating any potential negative effects for our customers;
• block all possible further episodes of illicit access to personal data by unauthorised subjects;
• assess the risks and the impact that the security breach may have for the persons involved;
• identify further measures to limit the possibility that such events may take place in the future.