Government agencies, universities and political parties in Spain suffer hacking attack

A group of hackers claims to have compromised various public interest institutions in Spain

The digitalization of administrative processes progresses little by little, although specialists in network security from the International Institute of Cyber Security consider that most of these processes have fallen behind and this could be a security risk. The group of ethical hackers self-titled Digital Research Team says they have managed to hack universities, public offices and even some political parties in Spain.

Through their Twitter account the ethical hacking group has published a list of all the allegedly hacked institutions, claiming that they have huge databases in their possession. Hackers claim that the compromised information will not be published, as their only intention is to raise awareness among institutions about their security weaknesses.

According to specialists in network security, among the political parties hacked are the Spanish Socialist Workers Party (PSOE) and Ciudadanos political party; hackers say they even have information from some relevant figures in these institutions. 

On the other hand, the government agencies involved are Ministry of Justice, Finance, Foreign Affairs, Health, among others. Finally, different universities in cities such as Seville, Malaga, Madrid and Zaragoza were also hacked.

Network security specialists consider that this incident highlights the lack of importance for many public institutions for the security of the information they protect, some institutions have even opted to contact the hackers through the email address that the group enabled.

It is not yet known what method hackers used to compromise the online platforms of these institutions, although additional details are expected to be revealed shortly.

Finally, the group of hackers eliminated the publications in which they made known the attack of their profile of Twitter. Now, entering the profile of Digital Research Team the only thing we can find is a statement from the group in which they say that “the only objective of this campaign was for organizations to correct their security flaws. At no time will we disclose or try to profit from the information involved. We thank the institutions that have made contact with us”.