A call that imitates technical support takes advantage of a false router upgrade to change your provider
15/05/2026
Data Protection and Privacy News
The navigation of a legal portal prevents writing news with real data about Catalonia
15/05/2026
The original material lacks verifiable figures, dates, and statements, making it impossible to produce an informative piece without inventing data.
Artificial intelligence trains its own replacements using the voices of employees it is supposed to help
15/05/2026
AI reduces administrative positions and has already caused 16% less youth employment since 2024. Experts warn about the substitution of routine tasks and legal doubts surrounding the capture of labor data.
A Zaragoza optical shop took out 12 quick loans using its own clients' data
14/05/2026
The Police arrested the owner of an optical shop for taking out 12 loans with customer data without permission. The fraud exceeds 32,000 euros and affected seven people who found unsolicited bank charges.
The school management platform in the Valencian Community uses personal data of students to send political propaganda to families.
14/05/2026
Compromís denounces in Congress and Brussels the use of the school app Itaca to send political propaganda to families during the teacher strike, for possible non-compliance with the GDPR.
Cybercriminals hide malware in public Claude AI chats to steal credentials on Mac
14/05/2026
Attackers use Google ads and Claude AI chats to distribute malware on Mac. The code runs in memory, steals credentials and cookies, and changes with each download to evade antivirus.
The cameras dismantle the report that condemned two agents in L'Hospitalet to 3 years for falsifying the version of events
13/05/2026
Two police officers from L'Hospitalet complete three years in prison for falsifying a report after an accident. Cameras dismantled their account and proved that they assaulted a witness who refused to provide his details.
The Valdemoro City Council forces the use of manual records after the alleged extraction of 1.8TB of sensitive information
13/05/2026
Valdemoro activated paper procedures after a cyber incident. The council does not detail the scope, despite the Kairos group claiming 1.8TB of data. Citizens are recommended to change passwords and monitor their accounts.
The same prosecutor who protects her as a victim now requests her indictment for violating private data
13/05/2026
The Prosecutor's Office set May 12 for the indictment hearing against Laura Ojeda for alleged undue access to Daysuris Vásquez's conversations. The defense alleges a conflict of interest as the same prosecutor is involved in both cases.
European protection of your data vanishes before US law that obliges apps to hand them over
12/05/2026
Abandoning WhatsApp and Gmail shields privacy from the CLOUD Act. Van der Burg proposes migrating to European services like Proton Mail and Nextcloud to regain real control over personal data.
A breach in an external provider exposes banking data of 3% of Naturgy clients in Spain without filtering passwords
12/05/2026
Naturgy notifies a breach in an external provider that affects 3% of its clients in Spain. Bank details were leaked, but not passwords. The OCU confirms that banks must reimburse any fraud.
The 197,000 emails from Zara trace a purchase history that the company claims not to have lost
12/05/2026
Inditex admitted unauthorized access to external servers. Although it denies the loss of sensitive data, 197,000 Zara emails with purchase history and location were confirmed. ShinyHunters claimed the attack.
The police infiltration in a Ciutat Vella assembly activates lawsuits that force the Interior Ministry to justify union surveillance
12/05/2026
Unions denounce the infiltration of the Mossos in a Ciutat Vella assembly. They demand that the Interior Ministry clarify who ordered the surveillance and what union data was collected.
Managing 1.2 million visitors a year at La Pedrera: Gaudí's heritage as "social return"
06/05/2026
Marta Lacambra directs the Catalunya La Pedrera Foundation: the entity reinvests tourism income in social and cultural projects, with audio guides in 14 languages and nearly 1.2 million visitors.
An AI vishing scam impersonated Pablo Motos and led a victim from León to hang up and report it
03/05/2026
Cybercriminals impersonated Pablo Motos' voice with AI to say the woman had won a gift card from El Hormiguero. After suspicions, she called 017 and activated the report.
Operation Road Trap: Bitdefender detects 79,000 fake messages in Catalonia to steal data and even control the mobile phone
02/05/2026
Between Dec. 2025 and Apr. 2026, Bitdefender (Operation Road Trap) detects 79,000 malicious communications in Spain with dangerous links for transport and mobility. Catalonia, Madrid, and Andalusia are where it affects the most.
Pamplona's Low Emission Zone exposes unidentified risks for personal rights, according to Comptos
02/04/2026
"Unidentified risks" in the data processing of the ZBE of Pamplona, warns the Chamber of Comptos
27 active channels on Telegram sell personal data in Brazil, Peru and Argentina
02/04/2026
The illegal buying and selling of personal data is available on Telegram channels
4,000 euros for responding to a review: this is how the AEPD sanctioned by publishing academic and sexual orientation data
02/04/2026
The fact that these data appear on networks does not imply that anyone can collect and publish them" - AEPD
5 data stolen in an SMS: DNI, address, card number and more in campaign in Barcelona
01/04/2026
Someone has tried to log into your account. If it wasn't you, verify your identity
2.5 million ClickRent customers affected by a leak with passports, DNIs, and bank details exposed.
01/04/2026
"More than 100 GB of identity documentation" compromised in the leak to ClickRent, according to the attacker.
FACUA denounces the Franco Foundation's store for violating the Democratic Memory Law
31/03/2026
Possible non-compliance with the Democratic Memory Law in the online store of the Franco Foundation
200,000 euros for revealing identities in an internal case of workplace harassment
31/03/2026
The identity of the complainants was exposed, according to the resolution of the AEPD
More than 142,000 leaked data in LeakBase: thus operate the forums of sale of state information
30/03/2026
"It is not an attack in the strict sense", experts say about the dissemination of data of high-ranking officials
10 key points to protect minors' data on educational platforms in the cloud
30/03/2026
The use of digital platforms is not voluntary for students and families
78% of sick leave frauds use the fear of losing the benefit
29/03/2026
The hook is the fear of a possible review so that you open the link
9 searches in a police database about the tenant's uncle: the data that did not prove a crime
29/03/2026
I am a plumber, I have Civil Guard clients and I don't put any problem in them making inquiries" - Ricardo Amador, guarantor
4.3 million Centauro Rent a Car user records appear on the dark web after alleged breach
29/03/2026
From Escudo Digital we have gotten in touch with the company to clarify what happened
About 10 million confidential records were stolen in cyberattacks linked to a criminal network
28/03/2026
The stolen information was used to commit cyber scams and sale in clandestine forums.
FACUA detects fake websites that simulate selling Rosalía tickets to steal data
28/03/2026
"New spots available now": the claim they use to deceive on Instagram
The Senate prohibits using the image of minors in school advertising without written consent from their parents
27/03/2026
'It may be revoked at any time': new law prevents commercial use of student data without authorization
5 billion euros: how the Generalitat's subsidies are distributed in 2025 according to Subvencions.cat
27/03/2026
Data are never neutral - Cristina Garde, researcher at the Universitat Pompeu Fabra
6,771 personal data were exposed due to a flaw in the anonymization of local grants
26/03/2026
No general impact has been detected on the own data of the Generalitat.
The Meta Ray Ban have already become popular: the EFF warns about who else accesses its recordings
26/03/2026
"They have already become popular": the EFF warns about the use of smart glasses with camera
5 million accounts at risk after the possible leak at Crunchyroll, according to initial alerts
26/03/2026
"There is no official confirmation, but the bank details are already circulating", say cybersecurity experts
1 call from an AI agent = 1 new data output with legal weight, according to the AEPD
25/03/2026
It is not enough to know the input and the output of the system
An age verification system that collects biometric data from minors is not well designed: Maite Arcos
25/03/2026
If it guarantees privacy, it is a good tool for the objective it pursues" - Maite Arcos
On April 2, the AEPD learned of the leak, but did not notify it until September 9
25/03/2026
It did not involve a high risk for those affected
174,000 euros to shield La Moncloa after the leak of phone numbers and emails of Sánchez, Díaz and Montero
24/03/2026
"Two firewalls in cluster and a log analyzer": Moncloa admits its outdated infrastructure
4 data protection authorities join forces to regulate the use of educational platforms in Spain
24/03/2026
The decalogue bets on a preventive approach" for the treatment of data in education
The AEPD notified a breach five months after learning about it: the incident was April 2, 2025
24/03/2026
"More than five months after becoming aware of the incident" the breach was not notified, according to the document
9 out of 10 text messages about INSS medical reviews with a link are fraudulent
23/03/2026
Public administrations do not request data through links in SMS - Spanish Consumers Association
3.50 dollars: the average price to buy a complete identity on Telegram channels in Latin America
23/03/2026
In other words, this section offers a clear X-ray of the person's financial behavior
50 prosecutors exposed: ID, address and phone for sale on the dark web
21/03/2026
If the State does not protect its data, it cannot guarantee the security of the citizens - José Ramón Riera
85% of email attacks simulate legal documents to activate malware
21/03/2026
"Appear immediately" is the phrase they use for you to open the infected file
The FBI acquires data available on the market to obtain valuable intelligence: Kash Patel
20/03/2026
Accessing personal data without a warrant is a 'scandalous mockery' of the Fourth Amendment: Wyden
Only 1 advertising message per month: this is how the new law limits the use of your personal data
19/03/2026
No provider may use personal data without express authorization
More than 70% of the cyber threats detected are identity impersonations, according to INCIBE
18/03/2026
The text literally says that the citizen must appear at the Central Department of the National Police in Madrid on December 20, 2024 for an alleged administrative file.
A TSJC condemns Mercadona to pay €7,501 for violating the data protection of a manager
13/03/2026
The TSJC has recognized that the use of personal data occurred in the context of a disciplinary proceeding that culminated in a dismissal and that Mercadona acted in the exercise of the disciplinary power contained in the Workers' Statute.
The UN warns: international data collection does not have a binding legal framework
13/03/2026
An absence of specific regulation is identified as one of the main current challenges in the area of digital privacy.
Thousands of patients with resistant depression improve today thanks to neurotechnologies
12/03/2026
The neurologist Álvaro Pascual-Leone, professor at Harvard Medical School, and the neuroscientist Mariano Sigman, international researcher and popularizer, participated in the debate.
More than 10,000 seniors at the Senior Fair: sure prizes in exchange for personal data
11/03/2026
During the fair, several activities offered sure prizes in exchange for personal data such as name, surnames, phone, and email address.
More than 7,144 million in GDPR fines: this is how the misuse of your data is punished in Europe
11/03/2026
Spain leads the European ranking with 3,034 sanctions imposed since the implementation of the GDPR, far ahead of Italy, Romania, Germany, Poland and Greece.
A fake email from 'My Citizen Folder' promises €552.97: this is how the fraud detected by INCIBE operates
11/03/2026
The message arrives from the address "[email protected]" and simulates an official notification. In the text, the recipient is informed that "an income of 552.97 euros has been generated in their favor".
Fine of 48.000 € for using personal mobile phones for work access tokens
10/03/2026
Of the 364 active employees, 203 provided their personal mobile to receive SMS authentication tokens.
An SMS, a call and €20,000 less: this is how the group dismantled in Córdoba acted
10/03/2026
The @ Team of the Córdoba Command, specialized in cybercrime, has investigated 12 people as alleged perpetrators of fraud and money laundering crimes.
Alert on digital surveillance among young people
09/03/2026
Cheyenne Hunt, executive director of Gen Z For Change, has pointed out that the current political administration has increased monitoring on activist groups and youth organizations.
Five years without practicing for inviting a patient to 'have a beer' after consulting her data
09/03/2026
During the process, the doctor admitted having called the patient from his personal number. He declared that his intention was "to invite the patient for a drink" to "talk about the disability situation and the assessment".
Romania annuls the first presidential round after detecting Russian cyberattacks
09/03/2026
The European Commission maintains open a formal investigation against TikTok for possible violation of the Digital Services Act.
The AEPD obliges Palma to change the brown containers for violating data protection
09/03/2026