A cyberattack targeting the Ministry of Science, Innovation and Universities has led to a partial shutdown of government IT infrastructure, interrupting essential digital services relied upon by researchers, universities, students, and businesses nationwide.
Authorities initially referred to the disruption as a “technical incident,” but mounting evidence — alongside confirmations from Spanish media — now indicates the event was the result of a cyberattack that may have compromised sensitive academic, personal, and financial data.
The ministry is a key pillar of Spain’s higher education and research framework. Any outage affecting its digital systems carries significant operational and administrative consequences, elevating the seriousness of the breach beyond a routine technical malfunction.
In a statement posted on its electronic headquarters, the ministry acknowledged the disruption and announced the temporary closure of several digital services.
“As a result of a technical incident that is currently being assessed, the electronic headquarters of the Ministry of Science, Innovation and Universities has been partially closed.”
The notice further stated: “All ongoing administrative procedures are suspended, safeguarding the rights and legitimate interests of all persons affected by said temporary closure, resulting in an extension of all deadlines for the various procedures affected.”
Officials added that deadline extensions would remain active: “until the complete resolution of the aforementioned incident occurs,” citing Article 32 of Law 39/2015.
While the extension of deadlines offers procedural protection to affected users, the absence of immediate clarity regarding the nature of the disruption sparked concern among stakeholders.
Hacker Claims Responsibility for Breach
Concerns escalated after a threat actor operating under the alias Gordon Freeman appeared on underground forums claiming responsibility for the attack. The individual alleged exploitation of a critical Insecure Direct Object Reference (IDOR) vulnerability, which reportedly granted “full-admin-level access” to internal systems.
The attacker published sample screenshots online — though their authenticity has not been independently confirmed — showing what appear to be official documents, email addresses, enrollment records, and internal communications.
Spanish outlet OKDIARIO reported that a ministry spokesperson acknowledged the IT disruption stemmed from a cyberattack and confirmed that the electronic headquarters had been taken offline to evaluate the potential scope of the breach.
Although the forum where the leak was allegedly posted has since gone offline and the data has not resurfaced elsewhere, early indicators suggest the materials could be genuine. If verified, the breach would represent a significant failure in access control safeguards.
According to the attacker’s claims, the compromised data may include:
- Scanned identification documents, including NIEs and passports
- Em
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.This article has been indexed from CySecurity News – Latest Information Security and Hacking IncidentsRead the original article: