Cyber Incident Victim: Cuerpo Nacional de Policía
Date:
May 2016
Location:
Spain
Summary
Anonymous hackers breached the Spanish Police Department's systems, leaking personal data of approximately 5,400 officers—including names, national ID numbers, email addresses, and password hashes—in protest against the country's controversial gag law. The attack, claimed by the @FkPoliceAnonOps collective via Twitter, targeted mupol.es, a mutual fund platform for officers, with hackers stating the leak exposed vulnerabilities in police anonymity as retaliation for perceived repression. While the dumped data was subsequently removed from most platforms, cached versions remained publicly accessible. The incident followed recent breaches targeting Catalan police servers and reflected ongoing tensions between hacktivists and Spanish authorities over restrictive legislation.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On May 31, 2016, a hacker affiliated with the Anonymous collective operating under the Twitter handle @FkPoliceAnonOps breached systems belonging to the Spanish Police Department and leaked sensitive personal data of approximately 5,400 officers. The compromised information included officers' full names, surnames, personal email addresses, national identification numbers, and MD5 hashes of passwords. Attackers targeted mupol.es, a mutual fund website serving Spanish police personnel, and infiltrated the telecom unit responsible for investigative crimes within the department. The group publicly claimed responsibility via Twitter, posting links to the leaked data alongside a statement condemning police conduct and Spain's controversial "gag law," which restricted citizens from sharing images of law enforcement online. This incident followed a separate breach weeks earlier against the Catalan Police Union (Sindicat De Mossos d’Esquadra) by a hacker known as HackBack, who similarly leaked confidential officer details to protest police brutality.
The data dump was rapidly disseminated across multiple online platforms before being removed from most primary hosting sites, though cached versions remained publicly accessible. Spanish authorities confirmed @FkPoliceAnonOps as the responsible entity and characterized the leak as a direct retaliation against the gag law's enforcement, referencing prior incidents where citizens faced fines for posting images of police misconduct. The breach exposed operational vulnerabilities in systems managing officer credentials and福利 services, though no specific containment measures or technical mitigations were disclosed by officials. Impacts included prolonged exposure of officers' personally identifiable information and credential hashes, creating risks of identity theft and credential-stuffing attacks. The incident highlighted recurring tensions between Spanish law enforcement and hacktivist groups over transparency and public accountability measures.