Cyber Incident Victim: Hero España
Date:
Jun 2025
Location:
Spain
Summary
Hero España reported an external cyberattack on its computer systems during early hours, prompting a controlled shutdown to contain the breach and protect data. Cybersecurity and forensic teams investigated the cause and began restoring operations. Attack temporarily disrupted production and logistics at Alcantarilla, Murcia plant, while the company activated contingency plans to limit impact on customers and partners, maintaining communication. It stressed that employee, client, partner, and data security remains its top priority, confirming the effect was limited to its Spanish operations with no impact on other global divisions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
During the early morning of Monday, Hero España reported that its computer systems were subjected to an external cyberattack, which caused a temporary affectation on the functionality of its installation in Alcantarilla, Murcia. The company stated that the attack was identified as a ‘ciberataque externo’ and that it prompted an immediate response. As part of that response, Hero España carried out a controlled deactivation of the compromised systems to prevent the attack from spreading and to safeguard data, according to representatives of the firm. This action was taken to limit the potential damage while preserving the integrity of the information stored.
Following the deactivation, a team of cybersecurity and forensic specialists, both internal and external to Hero España, began investigating the causes of the attack and working on the secure recovery of the affected systems. The company emphasized that the security of its employees, customers, business partners, and data remains its maximum priority, guiding all subsequent actions. In line with this priority, Hero España said it is implementing all necessary measures to ensure the integrity of its operations and to restore normal functionality as quickly as possible. These efforts include ongoing analysis, remediation steps, and coordination between internal IT staff and external experts.
The cyber incident has temporarily restricted Hero España’s production and logistics operations within Spain, prompting the activation of contingency plans designed to mitigate the impact on customers and collaborators. The company reported that it is maintaining constant communication with affected parties to develop tailored solutions that address specific needs arising from the disruption. Hero España also clarified that the effects of the attack are confined to its local operations in Spain and that no other divisions of the Hero Group worldwide have been impacted, as confirmed by company sources.