- The Directorate-General of Traffic (DGT) spotted suspicious activity from users trying to access its database two weeks ago.
- There are concerns over potential data leak as anonymous user claims to have access to the full DGT database for sale.
Spanish police said on Friday they were investigating whether the private information of millions of vehicle drivers had been gained for sale online, following the detection of a suspected data breach by the traffic authority earlier this month.
Potential data breach of drivers’ database
Two weeks ago, DGT detected suspicious activity from users trying to access its database, which includes detailed information of the drivers, including licence plate numbers and insurance data, on more than 27 million drivers registered in Spain. The activity was later blocked. But an anonymous user claimed in a post that they had “access to look up any licence plate or document number” and were selling the full DGT database. Researches have been conducting to verify his claims, according to a DGT spokesperson. “They often claim to be selling things they don’t actually have,” he said.
Also read: Database leak exposes 2FA codes of global tech giants like Google
Also read: Huawei hosts cloud database summit in Thailand
Other cyberattacks
Over the past month, three of Spain’s largest companies – telecoms giant Telefonica, lender Santander and energy company Iberdrola – have reported suffering cyberattacks that led to breaches of employee and client data. The total number of cyberattacks registered last year nearly doubled from 2022 to over 100,000 incidents, 130 of which were categorised as “critical”.