Cyber Crime

Spain police dismantled a cybercriminal group who stole the data of 4 million individuals

The Spanish police have arrested 34 members of the cybercriminal group that is accused of having stolen data of over four million individuals.

The Spanish police have arrested 34 members of a cybercriminal group that is suspected to have stolen data of over four million individuals. The authorities conducted 16 searches in Madrid, Málaga, Huelva, Alicante and Murcia and seized firearms, a katana, a baseball bat, four high-end cars, 80,000 euros in cash, a database with information on four million people, and computer and electronic material valued in thousands of euros.

The gang carried out several fraudulent activities and earned about three million euros by carrying out various types of scams and reselling the stolen data to other cybercriminals. Criminal activities conducted by the group are smishing, phishing and vishing campaigns, and the ‘son in distress’ scam. The crooks impersonated delivery firms and electricity suppliers to scam the victims.

The leaders of the criminal organization used false documentation and spoofing techniques to hide their identity and invested their profits in crypto assets to launder the proceeds.

“The investigation began at the beginning of this year by specialized agents of the Central Cybercrime Unit, when they identified a criminal network that illegally accessed databases of various financial and credit entities, entering different amounts of money into client accounts from the credit institution. They then contacted those clients informing them that due to a computer error they had entered a loan and had to return it.” said the Spanish Police.

The victims received instructions on how to return the funds, they were directed to phishing sites impersonating their banks and entered sensitive data that were sent to the cyber criminals.

“As the investigation progressed, it was discovered that they also penetrated other multinational commercial databases, obtaining personal data of more than four million people who could have been used to commit their criminal actions.”

The individuals recognized as the leaders of the cybercrime ring have been already arrested and the investigation to identify other members of the group is still ongoing.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, cybercriminal group)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras

Mirai-based botnets are exploiting a zero-day flaw, tracked as CVE-2025-1316, in Edimax IP cameras, to…

12 hours ago

The Role of Differential Privacy in Protecting Sensitive Information in the Era of Artificial Intelligence

Differential privacy (DP) protects data by adding noise to queries, preventing re-identification while maintaining utility,…

17 hours ago

International law enforcement operation seized the domain of the Russian crypto exchange Garantex

The U.S. Secret Service and global law enforcement seized the domain of sanctioned Russian crypto…

21 hours ago

Medusa Ransomware targeted over 40 organizations in 2025<gwmw style="display: none; background-color: transparent;"></gwmw>

Medusa ransomware has claimed nearly 400 victims since January 2023, with attacks increasing by 42%…

23 hours ago

Qilin Ransomware gang claims the hack of the Ministry of Foreign Affairs of Ukraine

Qilin Ransomware group claims to have breached the Ministry of Foreign Affairs of Ukraine, marking…

1 day ago

Elastic patches critical Kibana flaw allowing code execution

Elastic fixed a critical flaw in the Kibana data visualization dashboard software for Elasticsearch that could lead to arbitrary code…

1 day ago

This website uses cookies.