Cyber Incident Victim: Ayuntamiento de Monforte de Lemos
Date: Feb 2022
Location: Spain
Summary
A Russian hacker disrupted the official website of the Ayuntamiento de Monforte de Lemos, forcing its temporary shutdown while recovery efforts were underway. The attack blocked public access to the main domain but did not compromise the separate electronic headquarters platform, which remained operational through an alternative address. Municipal services confirmed the website would be restored promptly, though the incident prevented the timely publication of a recent plenary session's audio recording. Technical teams worked to resolve the outage while core digital services remained unaffected.
Description
On or around February 1, 2022, the Ayuntamiento de Monforte de Lemos experienced a cyberattack that disrupted its official website (www.monfortedelemos.es). The municipal government publicly attributed the attack to a "hacker ruso" (Russian hacker), though no specific group or individual was named. The attack was detected in the hours preceding the announcement, prompting the administration to take the website offline as a containment measure. Officials stated the site would remain "provisionalmente fuera de servicio" (provisionally out of service) until the attack was resolved. Despite the website disruption, the town hall confirmed its electronic administrative portal (sede.monfortedelemos.es) remained fully operational and unaffected by the incident, advising users to access services directly through that subdomain.

The primary operational impact was the inability to publish new content on the main website, notably preventing the upload of an audio recording from a council plenary session held the previous day. Municipal technicians worked to restore normal operations, with the administration committing to reactivate the site "lo antes posible" (as soon as possible). No data breach, ransomware demands, or secondary system compromises were reported. The incident affected only the availability of the public-facing website, with no disruption to internal operations or to citizen-facing services hosted on the separate electronic headquarters (sede) platform. Restoration efforts focused on removing the blockage imposed by the attacker; no technical specifics of the attack vector or the remediation steps were disclosed.
