Globalcaja, a major Spanish bank with over 300 offices across the country, has confirmed that it is grappling with a ransomware attack impacting multiple branches. The Play ransomware group has taken credit for the attack, claiming to have stolen private and confidential data, including client and employee documents, passports, and contracts.
The bank has assured customers that their transactions, accounts, and agreements remain unaffected, and operations continue normally for electronic banking and ATMs.
Security protocols have been activated, leading to the temporary limitation of certain operations as the bank works to normalize the situation and investigate the incident.
While the bank has not commented on whether a ransom will be paid, this attack adds to the growing list of ransomware incidents targeting Spanish financial institutions in 2023.
The country has already witnessed a hospital in Barcelona and a Spanish amusement park company falling victim to similar attacks. The Play ransomware gang emerged in July 2022, initially targeting government entities in Latin America before expanding their operations.
They recently made headlines with a damaging attack on the City of Oakland, which took weeks to recover from. The group has also targeted the Massachusetts city of Lowell and various companies across Europe, highlighting the widespread impact of their activities.