Ransomware victim disclosure
← All victimsConsorzio Innova
listed as https://www.consorzioinnova.it · Claimed by Alphalocker · listed 2 years ago
Status timeline
- ListedMar 9, 2024
- Data leakeddate unknown
At a glance
- Group
- Alphalocker
- Status
- Data leaked
- Country
- Italy
- Sector
- Business Services
- Listed on leak site
- Mar 9, 2024
- Data size
- 225 GB
About the victim
AI dossier — public-source company profileConsorzio Innova is an Italian consortium of enterprises specializing in construction, plant engineering, and services for public entities, industry, and tertiary sectors. With 1,050 member companies, 12 operational locations, and a 2025 production value of €430 million, it operates across building, infrastructure works, renewable energy, and facility management with ISO certifications (9001, 14001, 45001, 39001).
- Industry
- Construction, Infrastructure & Engineering Services
- Address
- Via G. Papini, 18 - 40128 Bologna, Italy (Sede Legale); Via Della Cooperazione, 9 - 40129 Bologna, Italy (Sede Operativa)
- Employees
- 1050
Attack summary
Severity: high — Confirmed exfiltration and publication of 225 GB of data including employee and client information from a large enterprise consortium; significant scale and PII exposure across 1,050+ member companies.Alphalocker claims to have exfiltrated 225 GB of data including employee records, client information, and databases from Consorzio Innova. The group has published the data.
Data the group says was taken
AI dossier — extracted from the leak post- employee records
- client data
- databases
What the group claims
225GB DATAemployeesclientsdatabase and etc
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

