Spain Arrests Doxer Leaking Sensitive Data of Government Employees
Spain Arrests Doxer Leaking Sensitive Data of Government Employees 🚨
The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key state organizations, including the National Cybersecurity Institute (INCIBE). According to authorities, the individual is responsible for a massive leak of personal data, which posed national security risks due to the people exposed.
The police noted that the published data was from the State Attorney General’s Office, INCIBE, the National Police, the Civil Guard, and the National Security Council, all critical entities in the country. The investigation, overseen by Madrid Investigative Court No. 22, began after authorities detected the mass dissemination of this data, creating an immediate risk to the security and integrity of both the affected individuals and the institutions themselves.
Given the seriousness of the situation, an urgent operation to locate and arrest the perpetrator was launched, culminating on May 27, with the arrest of the individual and a search of their home. After identifying and locating the person responsible for the leak, the police raided their residence and seized computers and other electronic devices that could contain technical forensic evidence.
The police press release did not mention whether the same individual was also responsible for breaching the portals. However, INCIBE posted in February about an ongoing doxing operation and stated that there was no direct compromise of their systems, but rather a targeted collection and publication of data impacting key entities and their employees.
Potential sources of such data include older breaches, credential dumps, and OSINT tools, with the data being aggregated and correlated to create curated collections. Some leaked records reportedly contained outdated information and even the names of employees who had left INCIBE years earlier.
The threat group responsible for this leak was reportedly ‘Police-ESP-Doxed,’ who leaked it in one of BreachForum’s iterations available at the time. Later, in March, the personal data of hundreds of Spanish judges and prosecutors was published on Doxbin, including full names, DNI numbers, personal mobile phone numbers, and professional email addresses. The police are currently examining seized devices for evidence of additional participants, so more arrests may follow.