Cyber Incident Victim: Spains National Renewable Energy Center (CENER)

Spain’s National Renewable Energy Center (CENER) experienced a cyber attack on October 18, 2022. The organization publicly confirmed the incident on the same day but did not disclose technical details regarding the attack vector, scope, or specific systems compromised. CENER’s statement indicated active efforts to resolve the disruption, though no timeline for restoration was provided. The attack’s operational impacts were not explicitly detailed, but the acknowledgment of an ongoing resolution process implied disruptions to normal operations. No evidence suggested data exfiltration or ransomware involvement at the time of CENER’s initial disclosure.

DataBreaches.net contacted CENER via email on October 20, 2022, seeking an update on the incident’s status and mitigation progress. No response was received, leaving the attack’s resolution status unverified in public reporting. CENER’s public communications remained limited to its initial confirmation, with no subsequent updates on containment measures, forensic findings, or recovery milestones. The absence of attributed threat actors or ransom demands distinguished this incident from contemporaneous attacks in Spain, such as the Vice Society ransomware operation against CSIC in July 2022. CENER’s reliance on internal resolution efforts without external acknowledgments of third-party assistance or law enforcement collaboration concluded the publicly documented timeline.