Share of cyberattacks in Italy 2024, by reason
During the first half of 2024, around 88 percent of cyberattacks carried out in Italy had cybercrime as a purpose. Cyber espionage was another motivation, representing the main reason behind roughly four percent of attacks. By contrast, information warfare only accounted for two percent of the cyberattacks in the country in the last examined period.
Data breaches in Italy
In 2023, over half of the Italian digital population was alerted that their personal data had been breached, and 77.5 percent of the alerted users had the misfortune of being affected by data compromise on the dark web. Despite a decrease in the number of data sets affected in data breaches between 2020 and 2023, Italy recorded almost one million exposed data sets at the beginning of 2023.
Meanwhile, the average cost of data breaches for both Italian companies and targeted users kept growing, reaching 4.73 million U.S. dollars in 2024, up from the 3.86 million U.S. dollars recorded in the previous year.
The Italian privacy landscape: GDPR effects
As a state member of the European Union, Italy is covered by the General Data Protection Regulation (GDPR). Since 2018, the GDPR has regulated online data privacy and has the responsibility to represent consumers’ interests within the digital and tech landscape of the Union. As of 2023, approximately 265 fines were issued in Italy due to violations of the GDPR – making Italy the second country in Europe with the highest number of violations dispensed to tech companies. The highest GDPR fine ever issued in Italy was at the expense of Telecom Italia (TIM), one of the largest Italian telecommunications companies. TIM was fined approximately 27.8 million euros in January 2020. GDPR is enforced and helped by the country's Garante della Privacy, the national institution overseeing Italian users’ online rights, cybersecurity, and digital privacy.
