The personal information of millions of Spanish drivers was allegedly posted on a popular hacker forum, leading police to launch an investigation into a possible hack of Spain’s Directorate-General of Traffic (DGT). Spanish police announced the inquiry after discovering a database of vehicle drivers had been offered for sale online. This followed the traffic authority detecting an attempted data breach earlier this month.
Two weeks ago, the Directorate-General of Traffic detected suspicious activity from users trying to access its database. In response, the DGT blocked the suspicious access and alerted the Traffic Investigation and Analysis Group (GIAT), which subsequently opened an investigation. The DGT’s database contains detailed information on more than 27 million drivers registered in Spain, including license plate numbers and insurance data.
An anonymous user on the hacking crime forum BreachForums claimed to have “access to look up any license plate or document number” and was selling the full DGT database. The DGT spokesperson expressed skepticism about these claims, noting that data-selling forums often advertise items they don’t actually possess. However, the incident has prompted serious concerns and investigative efforts.
Recently, three of Spain’s largest companies – telecoms giant Telefonica, lender Santander, and energy company Iberdrola – have reported suffering cyberattacks that led to breaches of employee and customer data. According to a report by the Department of National Security, the total number of cyberattacks registered last year nearly doubled from 2022 to over 100,000 incidents, 130 of which were classified as “critical.” This highlights the growing threat and impact of cybercrime in Spain.
Reference:
