Ransomware victim disclosure
← All victimsACEA SpA
Claimed by Worldleaks · listed 11 months ago
Status timeline
- ListedAug 7, 2025
- Data leakeddate unknown
At a glance
- Group
- Worldleaks
- Status
- Data leaked
- Country
- Italy
- Sector
- Energy
- Listed on leak site
- Aug 7, 2025
About the victim
AI dossier — public-source company profileACEA SpA is a major Italian utility company headquartered in Rome, founded in 1909. It operates through multiple subsidiaries managing water service distribution across Italy (including Rome and Frosinone), electricity production and distribution, gas distribution, waste treatment and valorization, and renewable energy production. The group also provides engineering services and laboratory analysis.
- Industry
- Utilities & Infrastructure (Water, Electricity, Gas, Waste Management)
- Address
- Rome, Italy
- Founded
- 1909
Attack summary
Severity: high — ACEA is critical infrastructure operator (water, electricity, gas) serving millions in Italy. Confirmed data exfiltration from such an operator poses significant risks to operational security and public utility integrity, even without specifics on data type or volume.The worldleaks group claims to have exfiltrated data from ACEA SpA. No specific details on encryption, operational disruption, or data categories are provided in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Corporate/operational records
- Business data
Original description
AI-summarised, not from the leak postACEA SpA is an Italian utility company that distributes and produces electricity, gas, water, and energy. It operates in various sectors such as electricity, water, and environment. It manages the water service in Rome and Frosinone, and parts of other Italian provinces. Furthermore, it is involved in energy production from renewable sources and waste disposal management. Founded in 1909, the Rome-based company is one of the major players in Italy's utilities sector.
Sources
Source
Indexed 11 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

