Aigües de Mataró, a Spanish water supplier responsible for both drinking water and sewage systems, announced on Wednesday that its corporate computer systems and website were hit by a cyberattack.
The municipal company in Mataró, a coastal town in Catalonia with a population of around 130,000 approximately 19 miles north of Barcelona, said water supplies themselves and quality control systems were unaffected.
In an official statement, Aigües de Mataró said the attack was uncovered on Monday, and has been reported to the Catalan police as well as the autonomous community’s own cybersecurity agency.
As part of an existing contingency plan, Aigües de Mataró said it had applied internal controls to mitigate the attack and is working with the Catalonian authorities to recover and restore its infrastructure.
Customers were warned the company holds a range of personal information that may have been exposed, including financial and personal details, and were encouraged to be wary of phishing attempts exploiting this compromised data.
Aigües de Mataró added that the attack could inconvenience its subscribers who are currently unable to access corporate services, and might experience delays for billing and other administrative procedures.
The nature of the attack has not been confirmed by official sources, but the incident comes amid growing concerns regarding the potential impact of ransomware incidents on critical public utilities, including water supplies.
While attacks on utilities like American Water Works in the United States and Southern Water in the United Kingdom have not had a direct impact on public health, the risk that attackers pose to operational technology systems is considered the most concerning potential impact of the financially-motivated criminal ecosystem.
Spanish entities have regularly been hit by ransomware attacks in recent years, including municipalities and hospitals — with thousands of appointments cancelled in 2023 after an attack on Barcelona’s main hospital. The country is a member of the International Counter Ransomware Initiative.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Alexander Martin
is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.
