The Government is studying an alleged massive leak that affects members of the Civil Guard, the Armed Forces and personnel of the Ministry of Defense. The names and emails of soldiers and agents were published this Wednesday in a forum where information stolen in cyberattacks and security breaches is shared. As elDiario.es has been able to verify, cybercriminals claim to have three databases with around 160,000 identities.
Two of these databases would contain information on civil guards, with a total of 109,000 lines of information, say the authors of the publication. The remaining database would belong to the Ministry of Defense and would contain 84,000 lines of information.
The Center for Information and Communications Systems and Technologies (CESTIC), dependent on the Ministry of Defense, is currently analyzing the veracity of the data held by cybercriminals and the scope of the leak, official sources from the department directed by Margarita Robles.
The Armed Forces and the Civil Guard recognized last April that one of their suppliers had suffered a cyber attack in which a sum of information similar to that now published was exposed. The victim was in charge of carrying out medical examinations on the members of both bodies, Medios de Prevention Externos Sur SL.
According to the aforementioned company, in the incident, in addition to names and emails, the mobile phones, dates of birth, sex, jobs and medical results of the affected personnel could have been stolen.
Sources familiar with the case explain to elDiario.es that the characteristics of this Wednesday’s leak fit with an origin coming from a Defense supplier, so it cannot be ruled out that it is the database stolen from Medios de Prevention Externos Sur SL. However, it is also being investigated that it may have a different origin than that cyber attack. In their publication this Wednesday, the cybercriminals offer only the name and email of military personnel, agents and Defense personnel, not the package of information that was exposed in the April breach.
Although the leak published now does not include sensitive data, such as passwords or credentials, its sale represents a serious cybersecurity risk. This type of information can be used by criminal organizations and other types of actors to carry out actions directed against security personnel and their families, but also against companies, state institutions and private citizens.
This type of data opens the possibility of personalized attacks. It allows the impersonation of military personnel and civil guards, as well as the carrying out of phishing campaigns specifically designed to compromise military and security systems. It can also reveal the affiliation with these bodies of personnel whose identity was not public.
The same attack method can be launched against objectives outside the security forces. The emails from the civil guards could be used as the basis for scams with supposed fines or police investigations. Also against companies supplying the Armed Forces or the Armed Institute.
#Government #investigates #massive #leak #exposed #identity #civil #guards #defense #personnel
