Data Security , Critical Infrastructure Security , Threat Intelligence Chinese-linked Salt Typhoon suspected in Italy’s Sistemi Informativi breach May 4, 2026 Share By SC Staff (Adobe Stock) As reported by Security Affairs, a significant cybersecurity incident at Sistemi Informativi, an IBM Italy subsidiary, has raised alarms regarding the escalating activities of Chinese-linked cyber operations across Europe, with the group Salt Typhoon being a prime suspect. The breach, which occurred in late April 2026, impacted Sistemi Informativi, a critical IT infrastructure provider for numerous Italian public and private entities. IBM confirmed the incident, stating that systems are now stable, but offered no details on the scope. Multiple intelligence sources suggest the China-linked cyber espionage group Salt Typhoon may be responsible. Salt Typhoon, active since at least 2019, is known for its sophisticated attacks, often exploiting supply-chain vulnerabilities and zero-day exploits in systems like Citrix and Cisco. The group has previously targeted European telecom providers, Viasat, Canadian telecom firms, the U.S. Army National Guard, and Dutch government networks. If confirmed, this attack on Sistemi Informativi could expose sensitive data and provide attackers with access to Italy's critical digital infrastructure. Source: Security Affairs SC Staff Related Data Security Instructure confirms data breach, ShinyHunters claims responsibility SC Staff May 4, 2026 Instructure, known for its Canvas learning management system, disclosed the breach on Friday and stated that personal information of users was exposed. Data Security Instructure investigates cybersecurity incident impacting Canvas platform SC Staff May 4, 2026 Instructure confirmed that a criminal threat actor perpetrated the incident and that the company is working with external forensics experts to understand the full extent of the breach. Data Security Medicare directory exposes Social Security numbers of US healthcare providers SC Staff May 1, 2026 The database, intended to populate a Medicare directory launched by CMS as part of plans to modernize Medicare, was left publicly accessible. Related Events Cybercast Beyond the Hype: The Cybersecurity Trends CISOs are Keeping an Eye on in 2026 On-Demand Event Cybercast Beyond the data perimeter: Why next-generation DSPM is the foundation for modern data security On-Demand Event Virtual Conference Securing the Future of Finance: Strategies to Counter Modern Cyber Threats On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Backdoor Bit Botnet Brute Force Business Email Compromise (BEC) Checksum Cipher Corruption Cyclic Redundancy Check (CRC) Information Warfare You can skip this ad in 5 seconds