Cyber Incident Victim: Empresa de Transportes Urbanos de Sevilla

A cyberattack targeted the public transport system of Seville, Spain (TUSSAM) on November 6, 2022. The incident disrupted digital services, including mobile applications and real-time information panels used by passengers to monitor bus schedules and routes. This disruption impaired the system's ability to provide automated updates to users across the network. TUSSAM personnel implemented manual operational procedures to sustain service continuity while addressing the technical outage. The organization confirmed no theft of customer data or operational information occurred during the breach. Digital platforms remained non-functional for an unspecified period following the initial compromise. Service restoration efforts prioritized maintaining physical transit operations despite the loss of automated systems.

Technical teams worked to isolate affected systems and restore functionality following security protocols. The attack exclusively compromised front-facing passenger information systems rather than core vehicle control or payment infrastructure. Manual service management continued until digital platforms could be securely reinstated. TUSSAM's public communications emphasized that no personal data or financial records were accessed or exfiltrated during the incident. Full operational normalization occurred after cybersecurity measures were verified across network components. The transport operator maintained all scheduled routes throughout the incident using alternative dispatching methods. Post-incident analysis confirmed the attack's limited scope to disruption of passenger information services without deeper network penetration.