Cyber Incident Victim: Ayuntamiento de Torre Pacheco
Date:
Mar 2024
Location:
Spain
Summary
The Ayuntamiento de Torre Pacheco experienced a ransomware attack compromising municipal information systems, leading to encrypted data and disrupted services including local police operations. Personal data potentially exposed includes basic identifiers, administrative records, and internal management information tied to municipal services. Upon detection, the municipality activated a Crisis Committee, notified regional IT services and the National Cryptologic Centre for mitigation support, and filed a report with the Guardia Civil. Officials also informed political representatives and submitted a mandatory breach notification to Spain's Data Protection Agency while advising affected individuals to exercise caution with their personal information. Recovery efforts focus on restoring system availability and service operations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On March 29, 2024, the Ayuntamiento de Torre Pacheco detected a ransomware attack targeting its information systems after the municipal IT service identified inaccessible servers for the Local Police and confirmed subsequent encryption of additional data. The incident compromised the availability of municipal services and potentially exposed personal data of residents, including basic identifying information and records tied to administrative procedures managed by the municipality. Internal operational data related to the town hall’s management systems was also affected. Upon discovery, the municipality immediately notified the Regional Autonomous Community’s IT Service and Spain’s National Cryptologic Centre (CCN) to coordinate mitigation efforts and reduce potential impacts. Mayor Pedro Ángel Roca filed a formal report with the Guardia Civil and established a Crisis Committee to monitor the situation’s evolution and its effects on citizens. Political group spokespersons within the municipality were briefed on the incident as part of the transparency measures.
The attack disrupted access to critical information systems, forcing the municipality to prioritize service restoration while investigating the full scope of compromised data. Officials confirmed the ransomware encrypted files associated with municipal services, administrative workflows, and internal operations, though no specific threat actor or ransom demand was disclosed publicly. The municipality advised residents—particularly those who had submitted information electronically—to exercise caution with their personal data due to potential exposure risks. In compliance with data protection regulations, Torre Pacheco notified the Spanish Data Protection Agency (AEPD) and activated its Data Protection Officer to oversee breach protocols. A dedicated email address ([email protected]) was provided for public inquiries, though recovery timelines for affected services remained unspecified. Mayor Roca emphasized institutional solidarity, citing similar recent attacks against the municipalities of Sevilla and Calvià (Mallorca) as evidence of broader targeting patterns.