On October 27, 2024, one of the most iconic Italian furniture brands woke up to a digital nightmare. Today more than ever, staff training is the most effective weapon against cybercrime.
The sofa that welcomed us in the living room, the armchair we relaxed in many times after a long day: Poltronesofà has accompanied the domestic life of millions of Italians. Yet, on the evening of October 27, the company experienced an attack that had little to do with padding and fabrics, and much to do with an increasingly unsettling reality: ransomware. Unidentified individuals managed to penetrate the group’s servers, encrypting files and paralyzing virtual machines. Within a few hours, thousands of customers’ personal data ended up in the wrong hands.
The dynamics of the attack: a precise and devastating blow
The attack on Poltronesofà exhibits all the typical characteristics of a modern ransomware attack: fast, coordinated, and targeted. Cybercriminals compromised company servers, encrypting stored data and temporarily making crucial information inaccessible. The company reacted promptly, isolating the affected systems and engaging cybersecurity specialists, but the damage was already done.
The potentially stolen data includes names, surnames, tax codes, postal addresses, emails, and phone numbers of thousands of customers. Fortunately, according to the company, no banking or credit card data was involved. A small consolation, considering that the stolen information is more than enough to orchestrate sophisticated targeted phishing campaigns, phone scams, and other forms of social engineering.
Under the GDPR, Poltronesofà had to inform all affected customers within a short timeframe, in compliance with the transparency obligation set out in Article 34 of the European regulation. The company also reported the incident to the Data Protection Authority, initiating all the procedures the case required.
The human factor: the weak link in the security chain
Although technical investigations are still ongoing and the precise sequence of events that allowed the criminals to access the systems is not yet clear, experts agree on a fundamental point: behind the vast majority of ransomware attacks lies human error. No sophisticated code flaw or unknown zero-day vulnerability is needed: one wrong click is enough.
The statistics are clear and relentless. According to the latest data, 95% of cybersecurity incidents are due to human factors. Employees represent the main weak point in corporate cybersecurity strategies, often unaware of the risks they face every day simply by opening emails. Another alarming statistic: over 80% of cyberattacks start with a phishing email, exploiting psychological manipulation to push victims into performing actions that seem harmless but are fatal for corporate security.
Attackers are masters of social engineering: they create messages that appear to come from reliable sources, exploiting urgency, fear, or curiosity to bypass the recipient’s rationality. An attachment that looks like an invoice, a link promising an exclusive offer, an urgent request from a supposed superior: these are all baits that flood corporate inboxes daily. And too often, they work.
Italy under digital siege: a vulnerable country
The Poltronesofà case is not isolated but fits into a worrying national context. According to the latest Clusit Report, our country accounts for over 10% of all global cyberattacks, despite representing only 1.8% of the world’s GDP, a disproportion that reveals how vulnerable and attractive the Italian economic fabric is. So much so that Italy, according to data from the National Cybersecurity Agency, ranked ninth in the world and fourth in the European Union for the number of ransomware claims.
The most affected sectors? Manufacturing, public administration, financial services, and increasingly, retail and services.
Companies that manage large amounts of personal data become ideal targets: not only for the economic value of the ransom but also for the possibility of reselling sensitive information on the dark web.
Training as a shield: investing in people as well as technologies
In this scenario, technology alone is not enough. Advanced firewalls, intrusion detection systems, multi-factor authentication: all of this is essential but can be undermined by a single human error. The real line of defense consists of aware, trained, and prepared employees who can recognize threats.
Cybersecurity training is no longer an option but a strategic necessity.
According to experts, monthly training can reduce human errors by 70%.
Yet the data shows that only a third of Italian employees participated in cybersecurity training courses in the last year. This gap costs dearly: every ransomware attack involves not only direct economic damage but also operational disruptions, loss of reputation, and possible sanctions from the Privacy Authority.
Cybersecurity, therefore, is no longer just an IT department issue but a shared responsibility across the organization. Every employee, from the CEO to the newest hire, can be the entry point for a devastating attack or the hero who prevents it with a simple report. In this scenario, training is not a cost but the most strategic investment a company can make to protect its future.
Investing in staff training means building a "human firewall" around the organization. Aware, prepared, and vigilant employees represent the first and most effective line of defense against cybercrime.