HomeTechnologyMadrid transport consortium warned in February of a cyberattack that compromised travelers'...

Madrid transport consortium warned in February of a cyberattack that compromised travelers’ data in November

The organization defines the theft of transportation card holders’ name, address, e-mail and phone information as “deliberate and deliberate”.

This February, the Regional Transport Consortium of Madrid (CRTM) warned of a cyberattack that occurred in the early hours of November 22, compromising the data of passengers carrying transport cards. Between January and September 2023, 57,299 crimes of this nature were recorded in the region; This figure is 19% more than crimes recorded in the same period last year. Data from the Community of Madrid. At the time of publication of this article, neither this organization nor the regional government’s Department of Transport had disclosed the reason for the three-month delay in public disclosure of the incident affecting the consortium.

In its statement, the organization admitted that “databases containing information on public transport card holders were compromised.” Statement published on the website on February 14. “By reporting that this is a cybersecurity incident, the person responsible for processing personal data confirms an external, deliberate and malicious cyber attack affecting the confidentiality of personal data,” it continues.

“The exact content of the possible extraction carried out as a result of the attack is not clear, but identifying data (name, surname, address, email, telephone, district and province, postcode,…) and sale of transport tickets from the databases of Community of Madrid public transport card holders,” he adds. . While the consortium has assured that it is not aware of any issues as a result of data leakage, the risk is clear, from receiving unsolicited communications to becoming the victim of a hacking attempt. phishing or committing identity theft by taking advantage of all the information collected during the attack.

The cyberattack on this entity came just a month after Telemadrid’s broadcast was disrupted for three hours as a result of a similar action. The incident also affected regional public radio station Onda Madrid. In the midst of these events, the Government of Isabel Díaz Ayuso justified the need to support an autonomous cybersecurity institution responsible for establishing a Cybersecurity Incident Response Team last December (CSIRTfor its English abbreviation) for the entire Community of Madrid.

These experts, as the Government detailed in a memo, “will be responsible for receiving, reviewing and copying all reports and activities related to events occurring in the area and cooperating with the attacked organizations so that they can resume normal operations in the future to avoid new incidents.” And he added: : “This structure will also focus on strengthening the computer protection of the most relevant infrastructures, with special attention to the healthcare field due to its criticality.” Although the regional cybersecurity institution was approved by the regional Assembly at the end of the year, it is not yet working at full capacity, as the PP has an absolute majority.

What affects the most is what is closest. So you don’t miss anything, subscribe.


Reason? The Government was forced to reverse the CEO appointment when EL PAÍS announced that a retired Civil Guard general had been selected for the position. Zabalza case. For now, this position remains vacant.

Subscribe To our daily newsletter about Madrid.

Source: El Pais



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments