Spain’s Ministerio de Ciencia partially closed its electronic headquarters after a “technical incident” that a threat actor claims was a cyberattack and has published samples of allegedly stolen data. The attacker, using the alias “GordonFreeman,” says they exploited an IDOR vulnerability to gain admin-level access and is offering the data for sale. #MinisterioDeCiencia #GordonFreeman
Keypoints
- Spain’s Ministry of Science partially closed its electronic services due to a reported technical incident.
- A threat actor calling themselves “GordonFreeman” claims responsibility and posted data samples on underground forums.
- Leaked samples reportedly include personal records, email addresses, enrollment applications, and official documents.
- The attacker alleges exploiting a critical IDOR vulnerability to obtain full admin-level credentials.
- The ministry has extended deadlines for affected procedures and is assessing the incident while investigations continue.