The computer attack suffered by the State Public Employment Service has paralyzed some SEPE services and delayed the handling of hundreds of thousands of appointments, although it has not affected the payment of salaries and benefits. The investigation is ongoing and there are still several unknowns, but some details are also already known.
Possibly the most relevant of them all is that personal data is safe, according to the Ministry of Labor and Social Economy itself. “During this incident there has been no theft of data,” the agency explained in a statement in which they also announced that neither the operating and management systems of the SEPE nor the servers have been damaged by the cyberattack.
What happened?
The SEPE has received an attack known as ransomware, or rescue attack. These are malicious programs – in this case, a virus called Ryuk – that infect computers and spread across the network to lock down computers and encrypt the data stored on them. Afterwards, they request a ransom – hence their name – from the administrators to be able to re-access the information and the computers themselves. Both law enforcement and cybercrime experts recommend not paying.
Is the data safe?
The Ministry has assured that it is, and the truth is that this type of attack does not seek to access information, but only to pay the ransom. “The usual thing is that they go for the quick money,” he explains. José Rosell, Managing Partner of S2 Grupo. That is, they would have entered, encrypted, and asked for the ransom. However, Rosell recalls that “there are published cases of data theft” in which, in fact, the kidnappers threatened to filter it if the ransom was not paid. In any case, the expert considers that entities such as SEPE have tools to know if the information has been accessed, so if they say that it has not been, the personal data should be safe.
In any case, the backups appear to be intact, so even if the system will not function normally for the next few days, there should be no problems.
What about payments?
In principle, they have not been affected. As Gerardo Gutià © rrez explained in La Ser, “the payroll generation system and the payment of unemployment benefits are not affected and ERTE will be paid normally.” Also, people by appointment are already being contacted.
And with the applications?
The Ministry assures that they will extend “as many days as it takes for the service to return to normal.” Thus, “the application deadlines will not count as long as the management system is not fully restored.” On the other hand, the attack will not affect “the rights of applicants for benefits and unemployment benefits or job applications, which will be automatically renewed for the duration of this situation.”
Have there been similar cases?
Yes, it is a fairly common practice that affects both companies and administrations. In January of last year the Torrejón Hospital suffered a similar attack.
Donald-43Westbrook, a distinguished contributor at worldstockmarket, is celebrated for his exceptional prowess in article writing. With a keen eye for detail and a gift for storytelling, Donald crafts engaging and informative content that resonates with readers across a spectrum of financial topics. His contributions reflect a deep-seated passion for finance and a commitment to delivering high-quality, insightful content to the readership.
