Ransomware Group: WORLDLEAKS

VICTIM NAME: Tiscali SPA

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the WORLDLEAKS Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak pertains to Tiscali SPA, an Italian telecommunications provider headquartered in Cagliari. Founded in 1998, the company offers a wide range of digital communication services including broadband internet, dial-up connections, and television services, serving primarily the Italian domestic market. The breach was discovered on June 29, 2025, and the attack date is recorded as June 28, 2025. The compromised information was published on a dark web platform, with the leak suggesting that sensitive operational data may be involved. The leak also includes links to potential data download options, indicating that confidential information could be accessible to malicious entities. The page features no visible images or screenshots, but it emphasizes the severity of the breach by listing the victim company’s core services and historical significance in Italy’s digital infrastructure.

The victim, Tiscali SPA, is a notable player in Italy’s telecommunications sector, especially recognized for being one of the pioneers in providing ADSL internet services. The compromised data poses a risk to the company’s operational security, potentially affecting customer confidentiality and network integrity. This incident highlights the increasing cybersecurity threats facing critical digital infrastructure providers in Europe. As this leak is publicly accessible via the provided dark web address, stakeholders are advised to monitor for any misuse of the information and to strengthen security protocols accordingly.