MecMatica (MecMatica S.r.l.), an Italian software company specializing in industrial monitoring and manufacturing automation, has reportedly been compromised by the Sarcoma ransomware group. Based in Spirano, Lombardy, MecMatica is a prominent provider of Manufacturing Execution System (MES) software, serving approximately 500 customers and managing over 8,000 CNC machines.
The Sarcoma group, which emerged as a significant double-extortion threat in late 2024, has added MecMatica to its dark web leak site. The group claims to have exfiltrated a total of 74 GB of data from the company’s systems.
The allegedly compromised data includes a mix of corporate records, technical databases, and sensitive personal information. According to the actor, the leak contains:
-
SQL Databases: Large-scale structured data related to company operations.
-
Customer and Partner Lists: Spreadsheets detailing numerous Italian manufacturing firms and their contact information.
-
Personal Identification Documents: Scanned copies of official forms containing full names, addresses, tax codes (Codice Fiscale), and phone numbers.
-
Internal Files: Sensitive administrative documents, including requests for pet passports and other personal records of individuals associated with the company.
