Spanish authorities arrest suspected cybercriminal linked to government and military data breaches

Spanish police have apprehended a suspected cybercriminal accused of hacking and selling stolen data from multiple government institutions, including NATO and the United States military. The arrest, conducted by Spain’s National Police in coordination with the Civil Guard, occurred in the coastal town of Calpe, as revealed in an official statement yesterday.

The suspect allegedly orchestrated over 40 cyber-attacks throughout the past year, targeting various institutions such as Spain’s Ministry of Defense, the Civil Guard, the Royal Mint, the Ministry of Education, the Valencia provincial government, and various universities. His activities reportedly extended beyond Spanish borders, affecting international organizations such as NATO, the U.S. Army, and the International Civil Aviation Organization (ICAO).

Authorities launched their investigation after a Madrid-based business organization reported a data leak on BreachForums, a well-known underground hacking platform. The police allege that the suspect operated under multiple online pseudonyms to disseminate or sell sensitive internal data, including classified information and personal records of employees and citizens.

In collaboration with cybersecurity specialists from the Spanish National Cryptologic Centre (CCN), Europol, and the U.S. Homeland Security Investigations (HSI), law enforcement agencies worked extensively to trace the suspect. Despite his attempts to mask his digital footprint using anonymous messaging and browsing applications, investigators successfully identified and detained him. A subsequent search of his property resulted in the seizure of various computer devices and over 50 cryptocurrency accounts, which authorities believe were used to facilitate illicit transactions.

The suspect faces multiple charges, including unauthorized access to computer systems, discovery and disclosure of secrets, damage to IT infrastructure, and money laundering. The case underscores Spain’s increasing efforts to curb cybercrime amid rising threats to national security and international institutions.

This latest arrest follows a similar case in 2023, in which Spanish authorities detained a 19-year-old hacker accused of breaching the national judiciary council and tax agency, compromising the personal data of over half a million Spanish citizens. The growing number of cyber-attacks on critical infrastructure highlights law enforcement agencies’ persistent challenges in combating digital threats.