Cyberattack on the Medical Examination Company for the Guardia Civil and the Army

What Happened?

The MPE Group for Occupational Risk Prevention, the company responsible for conducting medical examinations for members of the Guardia Civil, the Armed Forces, and civilian personnel of the General Directorate of the Guardia Civil and the National Police, fell victim to a cyberattack. The incident occurred on March 22 when their information system was compromised by malicious software known as Ransomware Lockbit 3.0.

What Data Was at Risk?

Initial concerns revolved around the possibility that cybercriminals had accessed sensitive information about the agents. The data they might have had access to includes:

• Professional identification card number
• Mobile phone number
• Email address
• Date of birth
• Gender
• Job position
• Medical examination results
• Certificate of fitness

Measures Taken by the Company

The MPE Group has taken immediate steps in response to the attack:

1. Report to the Guardia Civil: They filed an official complaint.
2. Collaboration with Telefónica: They are working closely with Telefónica to address, resolve, and investigate the details of the cyberattack.
3. Detailed Forensic Analysis: They are assessing the impact and scope of the attack.
4. Restoration of Affected Information: Efforts are underway to recover encrypted files.
5. Mass Password Change: They have implemented a new secure password policy.

Reassurance for the Affected Individuals

In their statement, the MPE Group assures that, so far, there is no evidence of data leakage. Additionally, they have backups in place, allowing them to continue serving all personnel subject to medical examinations.

We hope this situation is resolved satisfactorily and that further security measures are put in place to protect sensitive information about our agents.