On April 21, 2025, Aigües de Mataró, the municipal water utility of Mataró, Spain, suffered a ransomware attack. The attack led to the encryption of the company’s servers, impacting digital services but not the water supply or quality. Restoration efforts are underway, coordinated with the Catalan Cybersecurity Agency. The company has also notified the Catalan Data Protection Authority and filed a report with the police.
The ransomware attack resulted in the exfiltration of personal data of subscribers, including full names, birthdates, and contact details.
Additionally, sensitive data like bank account numbers (IBAN), residential exclusion risk reports, and social meter applications were compromised. No payment card data was affected, and the company emphasized that water services remained unaffected by the breach. Aigües de Mataró reassured subscribers that restoration efforts are in progress and that the event is being thoroughly investigated.
Affected individuals have been warned about potential fraud and identity theft through phishing attempts via email, SMS, or phone calls. The utility also acknowledged potential disruptions in services, including delays in billing, virtual office access, and administrative processes. The company is actively working to mitigate these disruptions and has promised updates as more information becomes available.
The company advised customers to be cautious with unsolicited requests for personal information and directed them to reach out for support if needed. Despite the breach’s impact on certain services, the company’s ongoing restoration efforts aim to return all systems to normal as quickly as possible.
Reference: