A cyberattack on the Spain Ministry of Science forced a partial shutdown of its electronic headquarters, disrupting services used by researchers, universities, students, and businesses. A threat actor using the alias “GordonFreeman” claims to have exploited an IDOR vulnerability and leaked screenshots allegedly showing sensitive academic, personal, and financial records, creating significant privacy and fraud risks. #SpainMinistryofScience #GordonFreeman
Keypoints
- Partial shutdown of the ministry’s IT systems disrupted services for researchers, universities, students, and businesses.
- The ministry closed its electronic headquarters and suspended administrative procedures with deadline extensions.
- An actor claiming the alias “GordonFreeman” alleges they exploited a critical IDOR to gain full-admin access.
- Leaked samples reportedly include scanned IDs, passports, email addresses, IBAN payment receipts, and academic records.
- Rising cybercrime and underinvestment in public-sector security have increased the vulnerability of Spanish institutions.
Read More: https://thecyberexpress.com/spain-ministry-of-science-cyberattack/