Anonymous Italia and AntiSec-Italia, two hacktivist groups associated with the Anonymous hacker collective, have hacked and defaced four Italian healthcare organizations and leaked data from two.

The group leaked the data online on August 21 as part of an Anonymous operation named #OpSafePharma, a campaign launched only in Italy to protest the government's stance on ADHD (Attention-Deficit/Hyperactivity Disorder), which involves recommendations for heavy doses of prescription medicine, even for the mildest signs of the disorder, and before any other type of alternative therapy.

The hacktivists are arguing that officials should mandate alternative therapies before medication, and not allow big pharma companies to influence doctors to prescribe heavy doses of ADHD medicine out of the gate.

#OpSafePharma launched in March 2016

The hacktivist group launched the campaign on March 16, 2016, with DDoS attacks against the Ministry of Health, the Higher Institute of Health, and numerous local health authorities.

These were followed a few days later by database breaches at AIFA (Associazione Italiana Famiglie ADHD / Italian Association of ADHD Families) and the Italian Red Cross branch.

An Anonymous member nicknamed Artek was behind these attacks, and after publishing the last two database dumps online, he was arrested by Italian police on March 30.

A second stage of the campaign, #OpSafePharma 2.0, took place on June 1 after Anonymous hackers dumped data online from the Istituto Superiore di Sanità (National Institute of Health).

#OpSafePharma 3.0 targeted four random healthcare organizations

The most recent phase of this campaign took place at the end of August, with attacks against the MEDUSA public portal of the National Institute of Health, the Azienda Ospedaliera Santa Maria clinic, the clinic of the University of Naples Federico II, and the ASL TO2 state clinic in Torino.

Hackers breached servers and defaced public websites, eventually leaking files from the last two organizations (the clinics in Naples and Torino).

Anonymous Italia advertised their data dumps on Facebook and Twitter. Cyber-security firm SenseCy was able to get hold of the data and analyze its content.

SenseCy: These are opportunistic attacks

The company says that hackers leaked around 2.5 GB of data which, at a closer inspection, included mostly internal communications, inventory documents, and employee CVs.

SenseCy says it also found some document scans for patients that applied to be treated by clinic doctors.

"Our assessment is that this latest iteration of #OperationSafePharma originates more from a one-time opportunity window that the hacktivist group AntiSec-Italia spotted in vulnerable websites associated with Italian medical centers and hospitals, than a concerted effort by multiple Anonymous-affiliated collectives to launch a massive hacktivist campaign against the Italian healthcare sector as a whole," the SenseCy team says.