Threat Actor ‘Cargo’ Claims Breach of Spain’s Policía Nacional and Credential Exfiltration

• A significant cybersecurity concern rose in Spain, as a Police data breach claim surfaced.
• Email credentials were reportedly stolen, according to a threat actor’s announcement.
• The method and exact number of compromised accounts were not revealed.

A threat actor known as “Cargo” has alleged the leakage of login credentials belonging to employees of the Policía Nacional. The leak reportedly exposes access to institutional emails and the Central National Police (CNP) portal, raising critical infosecurity implications.

According to a post by Cargo, an account created only last month, some of the compromised credentials remain active. However, accessing the CNP portal is contingent upon bypassing an additional layer of verification through a certificate. 

The exact number of accounts compromised and the method used to acquire the credentials have not yet been publicly disclosed, leaving questions about the scale and depth of the data breach.

Spanish authorities have not yet issued a public statement on the matter. If validated, the exposure underscores a potential risk to the integrity of sensitive law enforcement information, notably within one of Spain’s most critical governmental institutions. 

Such security incidents can facilitate further cyberattacks, including phishing campaigns, unauthorized data access, or other exploitative activities aimed at compromising institutional operations.

Cybersecurity experts strongly advise organizations to implement adaptive multi-factor authentication (MFA), enforce periodic password changes, and conduct regular security assessments to identify and mitigate vulnerabilities.

This year, the Rhysida Ransomware group claimed a data breach of the U.S. Carthage Texas Police Department, and a BreachForums user claimed to have hacked and leaked data from the Israeli police systems.