Table of contents
- A scorching summer for cyber security
- Not the first time
- Who is WorldLeaks
- What’s in the 2.9 TB of data?
A scorching summer for cyber security
Cybercrime never sleeps — not even in summer. Just a few days ago, WorldLeaks, a well-known cybercriminal group, claimed responsibility for a ransomware attack on Acea, the Italian utility giant managing water, energy, and environmental services across Rome and five other regions.
According to RansomNews, the attackers followed the typical ransomware scheme: infiltrate systems, exfiltrate data, demand payment, and eventually publish the stolen files. Acea reportedly ignored the ransom deadline of July 29, leading WorldLeaks to release 2.9 Terabytes of sensitive data online. Despite the leak, the company has confirmed that essential services to citizens and businesses were not disrupted.
Not the first time
This isn’t the first cyberattack against Acea. Back in 2023, it was BlackBasta, another ransomware gang, that compromised 800 GB of company data and temporarily took down Acea’s official website. Though water and electricity distribution were not impacted, users were locked out of their personal areas for nearly 24 hours.
As with the current incident, Acea quickly secured its systems and notified regulatory authorities. However, the recurrence of such attacks raises serious concerns about the resilience of the company’s IT infrastructure and cyber security practices.
Who is WorldLeaks
The name might be new, but the actors are familiar. WorldLeaks is essentially a rebranding of Hunters International, an infamous cybercriminal group active mainly in North America between 2023 and 2024.
Known for its double extortion tactics — encrypting victims’ data and threatening public exposure — Hunters shut down in May 2024.
But its members regrouped under a new name. Since early 2025, WorldLeaks has been responsible for at least 20 attacks, leaking stolen data from 17 victims. Their strategy is more about reputational damage than technical sabotage — exploiting public fear and corporate shame to extract ransoms.
What’s in the 2.9 TB of data?
Acea has yet to disclose the contents of the massive 2.9 TB data dump, but cyber security experts fear the worst: personal information, internal documents, technical specs, or even details about critical infrastructure could be exposed.
Authorities — including the Italian Data Protection Authority — are now working to assess the scale of the breach and whether GDPR violations may have occurred.