Hacker Caught Stealing Personal Data from Spanish Banks

A sophisticated cybercriminal operating from Girona has been apprehended in a joint operation between Catalan police (Mossos d’Esquadra) and Spain’s National Police.

The arrested individual, identified as a computer science student with advanced technical skills, orchestrated multiple cyberattacks targeting Spanish financial institutions, educational organizations, and private companies.

The suspect allegedly possessed stolen databases containing personal information from banks, driving schools, and public universities, which were subsequently sold or distributed through dark web forums.

The coordinated law enforcement operation successfully located and arrested the alleged cybercriminal at his residence in Roses, within the Girona district.

Investigators traced the source of multiple claimed cyberattacks to a specific location, leading them to identify the property and its inhabitants.

Among the residents was a young man pursuing computer science studies, whose advanced technical knowledge made him a prime suspect in the ongoing investigation.

The arrest represents a significant breakthrough in combating cybercrime activities emanating from the Catalonia region.

Police had been tracking the perpetrator’s digital footprint across multiple attack vectors, eventually narrowing down the physical location from which the cyberattacks were being launched.

The suspect’s decision to publicly claim responsibility for various attacks on online forums ultimately contributed to his identification and subsequent arrest.

Extensive Data Theft Operation

The arrested individual conducted a comprehensive data theft operation that extended far beyond financial institutions.

While Spanish banks were primary targets, the cybercriminal also successfully penetrated systems belonging to educational institutions, including both private driving schools and public universities.

The scope of the operation suggests a methodical approach to identifying vulnerable targets across different sectors of the Spanish economy.

Personal databases containing employee and client information were the primary focus of these attacks, alongside sensitive internal documents from affected organizations.

The stolen data was systematically monetized through sales on underground marketplaces, with some information being freely distributed on dark web forums.

This dual approach of selling premium data while providing some information for free likely served to establish credibility within cybercriminal communities and attract potential buyers for more valuable datasets.

Substantial Digital Evidence Seized

The police raid on the suspect’s residence yielded significant digital evidence that will support the prosecution’s case.

According to Report, the ongoing investigation may reveal the full extent of data compromised and financial losses incurred by affected organizations and individuals.

Investigators confiscated a laptop computer, twelve mobile phones, multiple hard drives, over thirty SIM cards, and several bank cards registered under different individuals’ names.

This extensive collection of devices and credentials suggests the suspect maintained sophisticated operational security measures while conducting illegal activities.

The variety of seized materials indicates the complexity of the cybercriminal operation, with multiple communication channels and storage systems used to maintain anonymity and redundancy.

The numerous SIM cards and bank cards associated with different identities point to potential identity theft charges in addition to the primary cybercrime allegations.

The suspect awaits arraignment at the Figueres Duty Court in Girona province, facing charges related to the discovery and disclosure of secrets under Spanish law.

Investigators continue working to identify additional victims of the cyberattacks and determine whether other individuals were involved in the criminal enterprise.

Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.