IN late April 2026, Sistemi Informativi, an IBM Italy subsidiary that provides IT infrastructure management for public and private institutions, suffered a breach that has prompted concerns about Chinese-linked cyber operations in Europe, according to La Repubblica. IBM confirmed the security incident, stating that it had identified and contained the breach and activated incident response protocols involving both in-house and external specialists, with systems later stabilised and services restored.
While forensic investigations continue, multiple intelligence sources cited by La Repubblica point to the China-linked cyber espionage group Salt Typhoon. Salt Typhoon has been active since at least 2019 and is described as a highly capable APT linked to Chinese state interests, with a focus on critical infrastructure and backbone networks through supply-chain vulnerabilities and zero-day exploits.
The incident highlights the risk posed by third-party IT providers, since compromising one integrator can expose connections to multiple government databases and national networks. If confirmed, the attack would mark one of the most ambitious cyber operations targeting Italy’s public infrastructure in recent years.