Cyber incident at Consorcio Regional de Transportes de Madrid (CRTM)

The Consorcio Regional de Transportes de Madrid (CRTM) has confirmed that it was the target of a cyber-attack in November 2023, which compromised the security of databases containing public transport cardholder information.

While the exact extent of the unauthorized access has not been disclosed and no specific harm to users has been identified to date, it is acknowledged that the confidentiality of personal data was compromised. Additional security measures have been put in place and systems have been strengthened to prevent future incidents.

The Consorcio Regional de Transportes de Madrid has advised holders of public transport cards in the Community of Madrid to be alert to possible attempts at fraud or identity theft, as the information compromised includes names, addresses and other personal data.