Cyber Incident Victim: Ajuntament de Calvià

The Calvià Town Hall in Mallorca, Balearic Islands, Spain, experienced a cyberattack detected in the early hours of Saturday, January 13, 2024. Upon discovery of the breach, municipal authorities urgently convened a crisis committee composed of IT specialists, department heads, and councillors to coordinate the institutional response. The committee initiated immediate containment protocols while technical teams began assessing the scope and severity of the intrusion. IT department personnel collaborated with external cybersecurity specialists to conduct forensic analysis of compromised systems and networks, focusing on identifying the attack vector and extent of unauthorized access. Recovery operations commenced simultaneously to restore affected municipal services, though the specific systems or infrastructure impacted were not detailed in available reports.

Technical teams prioritized evidence preservation for subsequent criminal investigation while working to mitigate operational disruptions. Municipal staff received procedural guidance regarding cybersecurity protocols, including instructions to change passwords as a precautionary measure. Authorities expressed particular concern regarding potential exposure of citizens' sensitive personal data held by the town hall, though no definitive confirmation of data exfiltration emerged during initial investigations. The forensic analysis remained ongoing at the time of reporting, with officials planning to submit the completed technical report to the Guardia Civil's telematic services unit for criminal investigation. No information regarding ransom demands or attacker communications was disclosed by authorities during the initial response phase.