Personal data allegedly belonging to the Guardia Civil and the Ministry of Defense detected on the dark web

Posted date 20/01/2025

A leak of approximately 160,000 pieces of data that could belong to members of the Guardia Civil, the Armed Forces and the Spanish Ministry of Defense has recently been identified on the dark web. This leak could be linked to a ransomware attack that occurred in March 2024 against Medios de Prevención Externos Sur SL, a company subcontracted to perform medical examinations. The compromised data includes names, emails, professional identifiers, dates of birth and medical results.

The cybercriminals may have published three separate databases: two with data belonging to 109,000 members of the Guardia Civil, while the third would be associated with the Ministry of Defense including approximately 84,000 records. The Center for Information and Communications Systems and Technologies (CESTIC), an agency attached to the Ministry of Defense, is conducting an investigation to confirm the authenticity of the data and determine the scope of the leak.

Experts warn that the disclosure of this information could be used for targeted phishing attacks, identity theft or other threats against the integrity of those affected, which raises the level of alert in the related institutions.