In 2024, the Russian group Black Basta published the medical reports of millions of Italians in the Synlab system.
72% confidence
HealthItaly
Omissions
The exact number of affected Italian patients ('millions') could not be verified from publicly available sources. No official Synlab disclosure, Italian Data Protection Authority (Garante) finding, or law enforcement statement confirming the number of individuals whose medical reports were published was located.
The claim uses the term 'published' without specifying that the data was posted on a dark-web leak site, not on the public internet — a nuance relevant to understanding the nature and accessibility of the breach.
None of the sources found explicitly confirm that the published data included individual 'medical reports' (referti medici) as opposed to other categories of personal or corporate data, though the data is described as 'sensitive medical data' and 'customer data.'
The sources found are all cybersecurity news outlets/blog posts; no primary official source (Synlab corporate statement, Italian DPA, or law enforcement report) was located confirming the specific scope or victim count.
Sources
SecondarySecurity AffairsThe Blackbasta extortion group claimed responsibility for the attack that in April severely impacted the operations of Synlab Italia.
SecondarySC MediaSynlab Italia was claimed to be compromised by the Black Basta ransomware operation, which purportedly stole 1.5TB of data from the major medical diagnosis services provider.
SecondaryHelp Net SecurityThe group claimed the attack on their leak site on Saturday and says they have exfiltrated approximately 1.5 TB of company and customer data, and have published some of the stolen documents.
SecondaryNeteye Blog (SOC News)In early May, ransomware group BlackBasta claimed responsibility for the attack, saying it had stolen 1.5TB of sensitive medical data from the compromised Italian infrastructure and that SYNLAB data was published on the Dark Web.