Spain's Ministry of Science Shuts Down Systems After Breach Claims
Spain’s Ministry of Science Shuts Down Systems After Breach Claims 🚨
Spain’s Ministry of Science (Ministerio de Ciencia) has announced a partial shutdown of its IT systems, impacting several services for citizens and companies. This ministry is responsible for science policy, research, innovation, and higher education in Spain. It manages administrative systems that handle high-value, sensitive information for researchers, universities, and students.
The ministry stated that this decision was made in response to a “technical incident,” but did not provide further details. An announcement on their website reads:
“As a result of a technical incident currently under assessment, the electronic headquarters of the Ministry of Science, Innovation and Universities has been partially closed. All ongoing administrative procedures are suspended, while safeguarding the rights and legitimate interests of all persons affected by this temporary closure.”
To mitigate the impact, the Ministry will extend all deadlines for affected procedures, in accordance with Article 32 of Law 39/2015.
However, a threat actor using the alias ‘GordonFreeman’ from the Half-Life game series claims to have attacked the institution’s systems and has published data samples as proof of the breach. This individual has offered allegedly stolen data from the Spanish ministry to the highest bidder. The leaked data includes personal records, email addresses, enrollment applications, and screenshots of official documents.
The attacker claims to have exploited a critical Insecure Direct Object Reference (IDOR) vulnerability, granting them full admin-level access. While the forum where this information was posted is now offline, the leaked images appear legitimate, although their authenticity cannot be confirmed.
Spanish media outlets have reported that a ministry spokesperson confirmed the IT systems disruption is related to a cyberattack.
For more details, Read full article