The State Public Employment Service (SEPE), formerly INEM, suffered a serious computer attack that left the agency inactive and forced it to suspend all appointments of users who had to go through a procedure. There are a total of 710 SEPE offices that have been completely paralyzed since this morning.
The agency suffered a ransomware attack and the information in its databases was hijacked
At the moment, the SEPE website is down and showing an error message that was confirmed by the agency via Twitter without giving much explanation.
The virus that has attacked the SEPE computer system comes from the “Ramsonware” family, a very harmful virus from which other Spanish companies have previously suffered – and that is used for attacks such as the well-known “Police Virus” or the “Wannacry virus” ” responsible for. – and what it does is “hijack” all the information contained in the computers and request a reward for accessing the content again.
SEPE databases consist of highly sensitive information from all users of the service. The volume of data is such that it is of significant importance that the information cannot be restored or that it can be changed.
Not only does it hold back millions of people’s data, but it also prevents you from sending email or using a SEPE program. It is also concerned that as a result, there will be delays in managing files on the Temporary Employment Ordinance (ERTE) or in paying unemployment benefits.
For reasons beyond our control @empleo_SEPE , the website and the electronic office of the #SEPE They are not available. You will be notified when they are ready for use again. We apologize for any inconvenience. pic.twitter.com/YPa9Dps2UX
– SEPE (@empleo_SEPE) March 9, 2021
For security reasons, the computers of all SEPE employees are switched off from the early hours of the morning Prevent the spread of ramsonware over the network. Either way, the agency’s computer technicians analyze the situation to determine where the virus has crept in. This affects not only personal offices, but also the computers of employees who teleworked from home. This is because the virus accessed the SEPE corporate network and infected every computer that was connected to it.
This type of attack mainly occurs when the networks do not have up-to-date security systems. In particular, one of the workers’ complaints was how outdated the equipment they use is and how vulnerable they are to possible cyberattacks.
The persons responsible for this attack are also unknown, although the SEPE has confirmed this No personal data was stolenThis could lead to cyber criminals being able to sell the databases on dark websites. They are apparently just looking for the ransom payment.
In the meantime the agency has asked Help for the National Cryptological Center (CNN) solve the situation. For its part, the Ministry of Labor has indicated that information about the attack is being offered to the user via the citizen hotline (060), although in reality not much information is currently available.