Cyber Incident Victim: Aigües de Mataró
Date: Apr 2025
Location: Spain
Summary
Aigües de Mataró's information systems suffered a cyberattack that encrypted its servers. The utility activated internal controls, implemented its breach and leak protocol, and launched its contingency plan while collaborating with the Catalan Cybersecurity Agency to restore services. The incident was reported to the Catalan Data Protection Authority and a complaint was filed with the Mossos d'Esquadra. Personal data exposed included identification details, household and tenure information, bank account IBANs, meter readings, and sensitive reports on residential exclusion risk and social meter requests; payment card data were not affected. As a result, subscribers may face obstacles accessing the virtual office and receiving Comunicaigües alerts, and may experience delays in billing and administrative procedures, although water supply, its quality, key management, and the TubVerd service remain unchanged.
Description
On 21 April 2025, the information systems of Aigües de Mataró suffered a cyberattack during which the company's servers were encrypted. Following detection of the attack, the organization activated its internal controls to mitigate the effects, including the execution of its breach and security leak protocol and the implementation of its contingency plan. In parallel, Aigües de Mataró began working jointly with the Catalan Cybersecurity Agency to restore the full range of services. The incident was reported to the Catalan Data Protection Authority and a formal complaint was filed with the Mossos d’Esquadra.

The attack compromised personal data of subscribers, encompassing identification details such as name, surnames, DNI or equivalent, date of birth, signature, postal address, email address and telephone number; personal characteristics data including tenant or owner status and household composition information; economic data consisting of bank account IBAN; commercial data relating to meter readings; and sensitive data comprising the content of residential exclusion risk reports and applications for social meter installations. No payment card data were affected in the incident. As a result of the encryption, subscribers may experience difficulties accessing the virtual office, using the Comunicaigües alert service, and could encounter delays in billing and the processing of administrative procedures. The cyberattack did not affect the water supply service or its quality, nor did it impact the management of the keyguard system or the TubVerd service.
For any inquiries or concerns regarding the incident, individuals may contact the data protection delegate via email at [email protected] or by telephone at 937416100. In‑person assistance is available at the offices located on Pitàgores street, numbers 1 to 7, from Monday to Friday between 08:00 and 14:30 hours. In case of service interruptions, the 24‑hour breakdown line 900 777 555 remains operational. Aigües de Mataró stated that it will update and expand the information as further developments occur and expressed regret for the inconvenience caused to the public.
