Spain's Ministry of Science Shuts Down Systems Following Alleged IDOR Breach

Spain's Ministry of Science, Innovation and Universities (Ministerio de Ciencia, Innovación y Universidades) reports an incident that forced a partial shutdown of its IT systems. 

The ministry initially described the event vaguely but a threat actor using the alias GordonFreeman claimed responsibility for a breach on underground forums. The incident has disrupted electronic services and suspended ongoing administrative procedures for researchers and students across Spain.

The threat actor claims to have gained full-admin-level access to the ministry's infrastructure. According to the attacker's posts, the breach resulted from exploiting an Insecure Direct Object Reference (IDOR) vulnerability which allowed the actor to bypass authorization checks and obtain valid administrative credentials.

The threat actor published data samples as proof of the breach. The compromised data includes:

• Personal records of citizens and researchers
• Email addresses
• Enrollment applications for universities
• Screenshots of official documents
• Internal paperwork and administrative files

The number of affected individuals is not disclosed.

In response to the detection of the cyberattack, the Ministry of Science partially closed its electronic systems. All administrative deadlines have been extended to protect the rights of affected persons. Ministry spokespeople confirmed to Bleeping Computer that the disruption is directly linked to a cyberattack, and technical teams are currently assessing the extent of the compromise.