Spain’s Ministry of Science Implements Emergency Shutdown Following Security Breach Allegations

Spain’s Ministry of Science Faces IT System Shutdown Following Breach Allegations

Recently, Spain’s Ministry of Science (Ministerio de Ciencia) made headlines due to a significant development in its operations. The ministry announced a partial shutdown of its IT systems, impacting various services accessible to citizens and companies.

The Ministerio de Ciencia, Innovación y Universidades is a key government entity in Spain responsible for formulating science policy, promoting research, fostering innovation, and overseeing higher education initiatives in the country.

Notably, the ministry operates administrative systems crucial to researchers, universities, and students, managing sensitive and valuable information.

The decision to shut down the systems was attributed to a “technical incident,” according to the official statement. However, reports suggest that a threat actor has claimed responsibility for breaching the ministry’s systems and even provided data samples to substantiate the claim.

On the ministry’s website, an announcement acknowledged the partial closure of its electronic headquarters due to the ongoing technical assessment. This closure has led to the suspension of all administrative procedures, ensuring the protection of the rights and interests of affected individuals.

To mitigate the disruption’s impact, the Ministry plans to extend deadlines for affected procedures in compliance with Article 32 of Law 39/2015.

Interestingly, a threat actor operating under the pseudonym ‘GordonFreeman’ from the Half-Life game series has offered to sell purportedly stolen data from the Spanish ministry to the highest bidder.

Leaked data samples on underground forums include personal records, email addresses, enrollment applications, and screenshots of official documents, raising concerns about data privacy and security.

See also  Revolutionary Hydrogel Technology: The Future of Unclonable Security Tags

According to the threat actor, the breach of Spain’s Ministry of Science exploited a critical Insecure Direct Object Reference (IDOR) vulnerability, granting them full-admin-level access to the systems.

While the forum hosting the leaked information is now offline, concerns remain about the authenticity of the data and the credibility of the attacker’s claims.

Efforts to reach out to Ministerio de Ciencia for clarification on these allegations were ongoing at the time of reporting.

Meanwhile, Spanish media reports have confirmed that a ministry spokesperson acknowledged the IT systems disruption as a consequence of a cyberattack.

Discover how modern IT infrastructure can streamline workflows and enhance reliability with automated responses. Download our comprehensive guide to learn more.

Get the guide