Dark Web News Analysis
A post on a hacker forum claims a targeted data breach at Old Square Cagliari, a popular restaurant in Cagliari, Italy. According to the post, a database of 10,009 customer records is being leaked. The threat actor claims to have gained access to the establishment's administration panel using an automated script. The dataset reportedly includes sensitive Personally Identifiable Information (PII): full names, mobile numbers, email addresses, dates of birth, and customer profile attributes such as a marketing-consent flag (e.g., flagMarketing). None of these claims have been independently verified.
Key Cybersecurity Insights
For a hospitality business operating within the European Union, a breach of this nature carries immediate regulatory and reputational consequences:
- GDPR Exposure: If confirmed, the exposure of roughly 10,000 records belonging to individuals in the EU is a personal data breach under the General Data Protection Regulation (GDPR). The leak of mobile numbers and dates of birth raises the risk rating, and if the Italian Data Protection Authority (Garante per la protezione dei dati personali, "Garante Privacy") finds that appropriate security measures were not in place (Article 32), the business may face significant fines.
- Targeted Marketing Phishing: The leak includes the "flagMarketing" status. Attackers can use this field to identify which customers already expect promotional email from the restaurant and send them convincing phishing messages mimicking official promotions (e.g., "Claim your free birthday dinner here") to harvest payment card details or login credentials.
- Admin Panel Weakness: The claim that an "automated script" retrieved the data suggests the admin panel could be driven by a client without human interaction. Depending on the actual vector, that points to missing rate limiting and Multi-Factor Authentication (MFA) on the login (allowing credential brute-forcing or credential stuffing), or to an authenticated or even unauthenticated endpoint that returned customer records by predictable ID (allowing bulk scraping). Both are basic control gaps, but they call for different fixes, so the vector should be confirmed from server logs rather than assumed.
- Identity Theft: The combination of a date of birth, full name, and mobile number provides a strong starting point for identity theft and for "SIM swapping" attacks, in which the attacker persuades the mobile carrier to move the victim's number to a SIM they control and then intercepts SMS-based one-time codes used by banking apps.
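The scripted enumeration described above leaves a recognisable pattern in web-server access logs: one client address hitting admin paths at a rate no human operator sustains, walking record IDs in near-sequential order. The following is an added detection example, not code from the Brinztech post or from the restaurant's systems; the log format is Apache/nginx combined format, the `/admin/customer/<id>` path and all log lines are constructed for illustration.

```python
"""Detect scripted record enumeration against an admin panel in access logs.

Added illustration. The endpoint path, client addresses and every log line
below are constructed; thresholds are starting points to tune per site.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Apache/nginx combined log format: ip ident user [ts] "METHOD path proto" status ...
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
# Hypothetical per-record admin endpoint (assumption for this example).
ID_RE = re.compile(r"^/admin/customer/(\d+)$")


def parse_line(line):
    """Return a dict for one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return {"ip": m.group("ip"), "ts": ts,
            "path": m.group("path"), "status": int(m.group("status"))}


def find_enumerators(lines, max_admin_rps=2.0, min_ids=20, seq_ratio=0.8):
    """Return {ip: summary} for clients whose successful /admin traffic looks scripted.

    A client is flagged when it (a) exceeds max_admin_rps on /admin paths,
    (b) fetched at least min_ids distinct customer records and (c) at least
    seq_ratio of consecutive fetches step the ID forward by 1 or 2.
    """
    per_ip = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["path"].startswith("/admin") and rec["status"] == 200:
            per_ip[rec["ip"]].append(rec)

    suspects = {}
    for ip, recs in per_ip.items():
        recs.sort(key=lambda r: r["ts"])
        span = (recs[-1]["ts"] - recs[0]["ts"]).total_seconds() or 1.0
        rps = len(recs) / span
        ids = []
        for r in recs:
            m = ID_RE.match(r["path"])
            if m:
                ids.append(int(m.group(1)))
        sequential = sum(1 for a, b in zip(ids, ids[1:]) if 0 < b - a <= 2)
        ratio = sequential / (len(ids) - 1) if len(ids) > 1 else 0.0
        if rps > max_admin_rps and len(ids) >= min_ids and ratio >= seq_ratio:
            suspects[ip] = {"requests": len(recs), "rps": round(rps, 2),
                            "ids": len(ids), "seq_ratio": round(ratio, 2)}
    return suspects


def build_sample_log():
    """Constructed sample: one scripted client and one staff member browsing."""
    base = datetime(2024, 1, 15, 3, 14, 0, tzinfo=timezone.utc)
    fmt = lambda t: t.strftime("%d/%b/%Y:%H:%M:%S %z")
    lines = []
    # Scripted export: IDs 1..40 fetched four per second from 203.0.113.7.
    for i in range(40):
        t = base + timedelta(seconds=i // 4)
        lines.append(f'203.0.113.7 - - [{fmt(t)}] "GET /admin/customer/{i + 1} HTTP/1.1" 200 812 "-" "python-requests/2.31"')
    # Staff member: a handful of unrelated pages spread over four minutes.
    staff_paths = ["/admin/dashboard", "/admin/customer/1042", "/admin/orders",
                   "/admin/customer/77", "/admin/customer/3105"]
    for i, path in enumerate(staff_paths):
        t = base + timedelta(seconds=60 * i)
        lines.append(f'198.51.100.10 - - [{fmt(t)}] "GET {path} HTTP/1.1" 200 2048 "-" "Mozilla/5.0"')
    return lines


if __name__ == "__main__":
    for ip, summary in find_enumerators(build_sample_log()).items():
        print(ip, summary)
```

The staff client is not flagged even though it also opened individual customer records: its rate is low and its IDs are unordered. Run the same function over the real panel's logs for the suspected window to confirm or rule out the enumeration vector before deciding which mitigation (login hardening versus endpoint authorisation) matters most.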
Mitigation Strategies
To mitigate regulatory fallout and protect customers, the following strategies are recommended:
- Secure the Admin Panel: Immediately restrict access to the administration panel. Implement IP allowlisting so that only the restaurant's internal network (or a VPN used by staff) can reach it, add rate limiting on the login and on any endpoint that returns customer records, and add CAPTCHA on the login form to slow automated scripts. Rotate every administrative password and API key that may have been exposed.
- GDPR Notification: Consult with legal counsel to notify the Garante within the mandatory 72 hours of becoming aware of the breach (Article 33). Where the breach is likely to result in a high risk to the individuals concerned, which a combination of contact details and dates of birth usually is, affected customers must also be informed without undue delay (Article 34) so they can be vigilant against scams.
- MFA Implementation: Enforce Multi-Factor Authentication (MFA) for all administrative accounts, preferably with an authenticator app rather than SMS. This stops a script that has guessed or stuffed a valid password from reaching the backend; it does not protect an endpoint that serves records without checking authorisation, which is why the vector must be confirmed.
- Vulnerability Scanning and Log Review: Review web-server and application logs for the period in question to establish how the data was actually extracted, then run a web vulnerability scan on the restaurant's website and admin panel to identify and patch the specific flaw (e.g., SQL injection or an Insecure Direct Object Reference (IDOR) on a customer-record endpoint) that allowed the script to pull the database.
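The three login-side controls above (source-address allowlisting, rate limiting on failed attempts, and an authenticator-app second factor) fit together in one gate in front of the admin panel. The block below is an added example written for this page, not the restaurant's or Brinztech's code; the `AdminGate` class, the allowlisted network, the single `admin` account and the fixed timestamps are assumptions for illustration. The TOTP routine follows RFC 6238 (HMAC-SHA1, 30-second step, 6 digits) using only the Python standard library.

```python
"""Admin-panel login gate: IP allowlist, failed-attempt rate limit, TOTP second factor.

Added example. Class and account names are assumptions; the TOTP code is
RFC 6238 with SHA-1, 30 s steps and 6 digits, so it matches standard
authenticator apps.
"""
import base64
import hashlib
import hmac
import ipaddress
import secrets
import struct
import time
from collections import defaultdict

PBKDF2_ROUNDS = 100_000


def totp(secret_b32, at, step=30, digits=6):
    """RFC 6238 time-based one-time password for a base32-encoded secret."""
    key = base64.b32decode(secret_b32.upper())
    counter = int(at) // step
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = (struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF) % (10 ** digits)
    return str(code).zfill(digits)


def make_user(password, totp_secret_b32):
    """Store a salted PBKDF2 hash, never the password itself."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return (salt, digest, totp_secret_b32)


class AdminGate:
    # Dummy record so unknown usernames cost the same time as real ones.
    _DUMMY = (b"\0" * 16, b"\0" * 32, "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")

    def __init__(self, allow_cidrs, users, max_failures=5, window=300):
        self.allow = [ipaddress.ip_network(c) for c in allow_cidrs]
        self.users = users            # username -> (salt, pbkdf2 digest, totp secret)
        self.max_failures = max_failures
        self.window = window          # seconds over which failures are counted
        self.failures = defaultdict(list)  # source ip -> [timestamps of failures]

    def _rate_limited(self, ip, now):
        recent = [t for t in self.failures[ip] if now - t < self.window]
        self.failures[ip] = recent
        return len(recent) >= self.max_failures

    def login(self, ip, username, password, code, now=None):
        now = time.time() if now is None else now
        # 1. Allowlist: a script outside the restaurant network never sees the form.
        if not any(ipaddress.ip_address(ip) in net for net in self.allow):
            return "denied: source address not allowlisted"
        # 2. Rate limit: brute forcing stalls after max_failures per window.
        if self._rate_limited(ip, now):
            return "denied: too many failed attempts"
        # 3. Password and TOTP, both compared in constant time.
        salt, stored, secret = self.users.get(username, self._DUMMY)
        computed = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        pw_ok = hmac.compare_digest(computed, stored)
        # Accept the current and the previous step to tolerate small clock drift.
        code_ok = any(hmac.compare_digest(totp(secret, now - d).encode(), str(code).encode())
                      for d in (0, 30))
        if not (username in self.users and pw_ok and code_ok):
            self.failures[ip].append(now)
            return "denied: invalid credentials"
        return "ok"


if __name__ == "__main__":
    secret = base64.b32encode(secrets.token_bytes(20)).decode()
    gate = AdminGate(["192.168.10.0/24"], {"admin": make_user("correct horse", secret)})
    now = time.time()
    print(gate.login("203.0.113.7", "admin", "correct horse", totp(secret, now), now))
    print(gate.login("192.168.10.5", "admin", "correct horse", "000000", now))
    print(gate.login("192.168.10.5", "admin", "correct horse", totp(secret, now), now))
```

Order matters: the allowlist and rate-limit checks run before any password work, so an off-network script is rejected cheaply and an on-network brute-force attempt is throttled after a handful of failures. The gate only protects the login; an endpoint that hands out customer records without an authorisation check still needs its own fix.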
Secure Your Business with Brinztech — Global Cybersecurity Solutions
Brinztech protects organizations worldwide from evolving cyber threats. Whether you’re a startup or a global enterprise, our expert solutions keep your digital assets safe and your operations running smoothly.
Questions or Feedback?
For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com