The government is investigating allegations of a major breach affecting private security personnel, the military and Ministry of Defense personnel. On Wednesday, the names and email addresses of soldiers and agents were published on a forum where information stolen in cyberattacks and security breaches is shared. As elDiario.es was able to verify, the cybercriminals claim to have three databases containing approximately 160,000 IDs.
Two of these databases contain information about private security personnel, with a total of 109,000 rows of information, the publication’s authors said. The remaining database belongs to the Department of Defense and will contain 84,000 rows of information.
The Defense Ministry-dependent Center for Information and Communication Systems Technology (CESTIC) is currently analyzing the veracity of data held by cybercriminals and the scope of the leak, an official Ministry official explained to this media. Written by Margarita Robles.
Last April, the Armed Forces and Civil Guard became aware of a cyber attack on one of their suppliers, which resulted in a mass leak of information similar to what is now publicly available. The victim was in charge of medical examinations for members of both organizations, Medios de Prevention Externos Sul SL.
According to the company, in addition to the names and email addresses of the affected employees, there is a possibility that their mobile phones, dates of birth, genders, occupations, and medical results were stolen in this incident.
Sources familiar with the incident told elDiario.es that the characteristics of this Wednesday’s leak match the source of the leak from a defense supplier, thus ruling out the possibility that it was a database stolen from Medios de Prevention Externos Sur SL. He explains that it is not possible. However, the possibility that the cyber attack was caused by a different cause is also being investigated. In this Wednesday’s publication, the cybercriminals only provided the names and email addresses of military, intelligence and defense personnel, not the array of information exposed in the April breach.
Although the leaked information released this time does not contain sensitive data, its sale represents a significant cybersecurity risk. This type of information can be used by criminal organizations and other types of actors to carry out actions directed not only against security personnel and their families, but also against businesses, state institutions, and civilians. There is.
This type of data presents the potential for personalized attacks. This allows them to impersonate military personnel or private security personnel, as well as carry out phishing campaigns aimed at compromising military and security systems. It may also reveal connections to these employee organizations whose identities have not been made public.
The same attack methods could also be launched against targets outside the security forces. Emails from public officials can be used as basis for fraud, which can result in fines and police investigations. Also for companies supplying the military and military research institutes.
