Spanish labor agency suffers ransomware attack, union says

Madrid, Spain's capital. A ransomware attack has hit a state employment benefits agency (Getty Images).


Written by

A ransomware attack has affected IT systems at a Spanish government agency that manages unemployment benefits, disrupting “hundreds of thousands” of appointments at the agency, a Spanish labor union said Tuesday.

The cyberattack on Spain’s State Public Employment Service (SEPE) affected the agency’s offices around the country, forcing employees to use pen and paper to take appointments, according to the Central Independent Trade Union and Civil Servants. The union alleged that the SEPE had aging IT systems that the agency had not upgraded.

SEPE plays an integral part in distributing unemployment benefits in a country where the coronavirus pandemic has hammered the economy. The number of jobless people in Spain is now 4 million, its highest rate in five years, according to official data. But SEPE Director Gerardo Gutiérrez said an interview with Spanish broadcaster RNE that the incident had not affected unemployment benefits, and that it has not led to the theft of personal data.

The attackers had not demanded a ransom, and SEPE was helping people reschedule their appointments with the agency, Gutiérrez said.

SEPE could not be reached for comment. A message on the agency’s website Tuesday said that “for reasons beyond SEPE’s control,” web services were down.

It was not immediately clear on Tuesday who was responsible for the ransomware attack, or how long SEPE would be dealing with it. Security experts at the Spanish government’s National Cryptologic Center were responding to the incident, according to Gutiérrez. The cryptological center’s incident response team did not respond to a request for comment.

The SEPE hack appears to be part of a long pattern of scammers trying to exploit Spaniards as they confront the economic impact of the pandemic. A year ago, when the country was locked down because of the virus, criminal hackers used mobile apps purporting to offer COVID-19 updates to try to steal data from Spaniards. Weeks later, researchers said crooks were using a hacking tool to try to steal money from customers of big Spanish banks

-In this Story-

coronavirus, cybercrime, incident response, ransomware, Ransomware Editorial Series 2021, Spain