Ransomware Attack on GPI Group by 8Base Ransomware Group

Company Profile

GPI Group S.p.A., is a multinational entity known for its innovative software solutions and technologies aimed at the digital transformation of healthcare. With a presence in over 70 countries and serving more than 3,000 customers, GPI stands out due to its specialization in transfusion software and pharmaceutical robotics.

In 2022, the company reported robust financials with net sales amounting to 356,880 EUR. The firm is listed on the Italian Stock Exchange and features a diverse shareholder structure, including major stakeholders like FM S.p.A. and CDP Equity S.p.A.

Details of the Ransomware Attack

The 8Base group, employing their signature double-extortion tactic, not only encrypted GPI's data but also exfiltrated sensitive information. The stolen data potentially includes invoices, personal employee details, contracts, and other confidential documents.

Vulnerabilities and Target Profile

The company's extensive digital footprint and significant data repositories make it an attractive target for cybercriminals like 8Base. The healthcare sector's critical nature and the necessity for immediate access to data heighten the impact of ransomware attacks, making entities like GPI prime targets for exploitation.

Sources

• GPI Group Official Website
• Borsa Italiana: GPI Group Profile
• GPI Group Investors
• About GPI Group
• VMware Security Blog: 8Base Ransomware
• SOCRadar: 8Base Ransomware Profile