An alleged cyberattack against the Spanish Public Prosecutor's Office has resulted in the leakage and sale on the dark web of personal data of at least fifty prosecutors, among them high-ranking officials such as the current Attorney General of the State and the former Minister of Justice. The exposed information includes ID numbers, phone numbers, and full addresses, with building, floor, and door details.
The partial publication of those data occurred on March 3 and, at the same time, the rest of the stolen information would have been put up for sale. Among those affected also appear officials from especially sensitive areas, such as the fight against corruption, which has raised the seriousness of the incident.
Personal data exposed and offer on the dark web
The partial dissemination of the information points to a strategy to attract buyers on the dark web. The authors of the alleged attack would have used a sample of the stolen data as a lure to then offer the rest of the material.
Among the compromised data are identity documents, contact phone numbers, and full addresses. The exposure of this information affects profiles with institutional responsibility and with access to delicate investigations.
The Cybercrime Prosecutor's Office assumes the investigation
The case is already in the hands of the Cybercrime Prosecutor's Office, which is investigating both the real extent of the breach and the origin of the attack. For now, it has not been publicly detailed when the intrusion occurred nor for how long the affected systems could have been exposed.
The perpetrators of the attack would have also launched messages with threats of new leaks and of future actions against the Government. That warning places the episode in a scenario of sustained pressure beyond the mere sale of data.
Concern for the security of public systems
This episode is framed within a recent chain of incidents that have affected public bodies. The leak has reopened the concern about the protection of sensitive databases and the capacity to react to intrusions that directly hit state structures.
"If the State is not capable of protecting its own data, it can hardly guarantee the security of citizens" - José Ramón Riera, economist
The investigation remains open while attempts are made to determine how much information was extracted and if there may be new publications in the coming days. Awaiting more official details, the incident exposes particularly sensitive data of dozens of prosecutors and once again highlights the digital vulnerability of public institutions.