A database containing 21,988 complete credentials, encompassing login details and passwords, allegedly tied to Comisiones Obreras (CC. OO.), has been exposed on a hacking forum.
Comisiones Obreras, recognized as the Confederación Sindical de Comisiones Obreras, serves as an autonomous trade union within Spain, operating independently of economic authorities, the State, and political parties.
The individual behind the Comisiones Obreras data breach, using the alias “fpa,” claimed to have defaced the union’s pages previously and is now disclosing the credentials obtained from their server.
While passwords are hashed, initial analysis suggests that some may be susceptible to decryption, prompting users affiliated with Comisiones Obreras to consider changing their login information proactively.
Comisiones Obreras Data Breach
The Cyber Express has reached out to the organization to learn more about this alleged Comisiones Obreras data breach incident. However, at the time of writing this, neither confirmation nor denial of these claims has been officially issued by Comisiones Obreras.
According to HackManac, the individual behind the leak posted details on a hacking forum, stating their motivation and the nature of the compromised data, which includes full names, ID documents, and phone numbers. However, they expressed an intention to retain only the credentials, advocating for the deletion of additional personal information.
The threat actor message reads, “CCOO (Comisiones Obreras, Workers’ Commissions) is a Spanish labor union whose function is to lick the boots of the government and employers, and whose bureaucrats spend their days at seafood banquets. Some time ago, we defaced all their pages, and now we are publishing the credentials we were able to steal from their server.”
Despite the reported Comisiones Obreras data leak, the Comisiones Obreras website appears to be functioning normally without immediate signs of a cyberattack. Nevertheless, this incident adds to a growing trend of unions becoming targets for malicious cyber activities.
Cyberattacks on Unions: A Growing Trend
In a similar vein, recent history shows a notable cyberattack on credit unions in the United States. In December 2023, approximately 60 credit unions faced disruptions due to a ransomware attack targeting an IT provider they utilized. The attack, executed through a third-party vendor, affected a unit of Trellance, a cloud computing firm commonly used by credit unions, reported CNN.
The Comisiones Obreras data breach incident and other data breaches highlights the pervasive threat posed by ransomware attacks, which have disrupted critical infrastructure across various sectors globally. From hospitals to fuel pipelines and schools, such attacks have prompted the governments to address ransomware as a pressing national security concern.
This is an ongoing story and The Cyber Express will be closely monitoring any developments. We’ll update this post once we have more information on the Comisiones Obreras data leak or any official confirmation from the organization.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
