The security incident affected the web portal application of the Barcelona Housing Council. According to the statement issued by the council, a “malicious actor” managed to access and compromise the personal information of citizens who registered on the Barcelona Rental Housing Exchange portal during the period between 2014 and 2018.
Identifying and identifiable data has been compromised: identity document numbers, birth dates, emails, telephone numbers, postal codes, and user identifiers.
The City Council has confirmed that it immediately implemented the “internally planned containment measures” to stop the attack and mitigate its effects. These actions include deploying a new clean server for the compromised applications and shutting down additional applications. The incident has also been reported to the Catalan Data Protection Authority.
The council has issued an alert to potentially affected citizens, recommending they exercise extreme caution. They are advised to regularly check email for suspicious messages, never provide sensitive data such as passwords or bank details, and monitor bank accounts for unauthorized movements. Two contact emails have been provided for further information.
