The police are investigating a suspected cyber attack on Podemos, in which party members' data and economic information were stolen. The attack, which took place in the middle of the month, allowed hackers to obtain around 30 million gigabytes of information including names, surnames, ID numbers, phone numbers, and addresses of the members. Similar attacks were reported on the CDU, the largest political party in Germany, and other European political parties around the same time, all linked to Russia by Google’s cybersecurity subsidiary Mandiant. Various institutions and organizations such as the IMF, Air Europa, Fujitsu, Microsoft, Scottish hospitals, French government services, and the Sant Antoni City Council in Ibiza were also targeted during this period.
Podemos reported a potential breach in their servers on the 21st after the hackers boasted about it on social media, even posting a screenshot with the party’s logo, folders of supposedly stolen data, and a mocking message in English about how easy it was to find vulnerabilities. The complaint by Podemos about “illegal access to the party’s server with data theft” was filed at the Retiro police station in Madrid. The Cybercrime Group VII has taken over the investigation. The origin of the attack was traced back to Moldova, but investigators believe it was used as a decoy to disguise the true culprit behind the cyber aggression, coinciding with global security warnings of Russian-originated attacks targeting essential services.
The party has not disclosed further details about the stolen economic or membership data, and the name of the malware used for data capture has not been revealed yet. This incident marks the first known cyber attack of its kind on a Spanish political party and follows a wave of intrusion campaigns against German political parties by APT29 hackers earlier in the month. That campaign began with a mass email, posing as an invitation to a dinner on March 1st with CDU militants, that contained a malicious link. Mandiant warned of the “significant threat to European and Western political parties across the political spectrum” posed by APT29.
One of the most notorious attacks during the February and March wave was on the IMF, detected on February 16, jeopardizing 11 email accounts of the organization. Japanese giant Fujitsu confirmed data theft from clients on the 19th without providing further details. In early February, numerous official French IT services fell victim to an unprecedented cyber attack claimed by a group calling themselves Anonymous Sudan, allegedly supported by Russia and various Islamist groups. The attack started over a weekend and used classic methods to disrupt IT services, at an intensity never seen before in the country.
The cyber attack on Podemos and other institutions highlights the growing threat of cybercrime and the need for robust cybersecurity measures to protect sensitive information and essential services from malicious actors. The investigation into these attacks continues, with authorities working to identify and apprehend the perpetrators behind these cyber intrusions. This incident serves as a reminder of the importance of constant vigilance and proactive cybersecurity measures to safeguard against potential cyber threats and attacks targeting political parties, organizations, and individuals.