Premise
SPID accounts have vulnerabilities that make them unsafe, since all users can become victims of fraud related to duplication of their digital identity. This process occurs extremely simply and without the consent of the victims, exploiting a flaw that is not technological, but of a regulatory nature. Although it has been discussed for several months, no effective remedies have been adopted to address this problem.
SPID 🤮, acronym for Public Digital Identity System, is an authentication system that allows citizens and businesses to access online services of the public administration and some private services in a simple and secure way 😆😆😆😆😆.
Let’s get started
There is a chance that a lot of your information has already been compromised between various recognized Data Breaches. There are websites that allow you to check, against a database that is not always updated, if your email address has been compromised. The site you can try to query is Have I Been Pwned I suggest you navigate under Tor network through the Tor Browser in order to hide your IP address.
Have I Been Pwned has a database of 14,985,121,175 there is a good chance that your email and other information may already be compromised.
Data breaches are becoming more and more frequent. One of the most significant episodes occurred on January 7, 2025, when the Guarantor for the protection of personal data sent, on January 3, a request for information to InfoCert spa. This request was made following the data breach notification made by the company at the end of December. For further details, click here to read.
The amount of data exposed and stolen by various data breaches, combined with any personal oversights that lower the level of privacy, represents an explosive mix. This can lead to the loss of digital identity through overlapping accounts.
How your digital identity is duplicated
In a very simple way, all it takes is a copy of your data and identity documents (stolen without your knowledge) that are transmitted to the SPID service provider, and in this way they obtain a fraudulent digital identity.
All it takes is a different email address than the one you trust and the scammer is able to obtain a new, perfectly functioning digital identity!
AGID (Agency for Digital Italy) signals attention but does not solve the problem🤮, excerpt of the text, for details click here to read.
If a citizen suspects that an unauthorized SPID has been activated in their name, they can contact the individual Identity Providers (IDPs) to request information. In fact, there are currently no automated and secure systems that allow for centralized verification, but AgID is outlining a technically and legally sustainable solution.
Therefore, the citizen does not know if he has been cloned and at the same time must contact all the service providers to find out if and how many digital identities are operating in his name, 🤮INCREDIBLE BUT TRUE🤮.
Read very recent articles:
- SPID cloned, salary disappeared: nightmare on NoiPA, it can hit every public employee, click here to read.
- SPID cloned, salary disappeared: the case of the teacher scammed on NoiPA. How to defend yourself and who to contact, click here to read.
- Spid cloned, state employees’ salaries and pensions at risk, click here to read.
- SPID cloned and salary stolen: how to defend yourself from digital scams on NoiPA and other public portals, click here to read.
- Stolen data and missing thirteenth salary: beware of the fake Spid scam, click here to read.
- Spid cloned, state employees’ salaries at risk: cybercriminals hijack NoiPa payments. Pensions, reimbursements and single allowance also targeted, [click here to read.](https://www.ilgazzettino.it/schede/spid_clonato_truffa_stipendi_statali_pagament _rischio-8865997.html)
- Crotone, Postal Police discovers digital fraud and recovers stolen salary with fake Spid, click here to read.
Watch the Video
The scale of the problem is so important that I suggest you watch Matteo Flora’s video