**Cyberattack Disrupts Spanish Water Supplier’s Systems in Mataró**
Aigües de Mataró, a municipal water supplier serving the coastal Catalan town of Mataró (population ~130,000), confirmed a cyberattack on its corporate systems and website on Wednesday. The incident, detected on Monday, targeted administrative infrastructure but did not affect water supply or quality control operations.
The company reported the attack to Catalan police and the region’s cybersecurity agency, activating contingency protocols to contain the breach. While recovery efforts are underway, customers may face delays in billing and other administrative services. Aigües de Mataró also warned that personal and financial data held by the company may have been exposed, increasing the risk of phishing attempts.
The nature of the attack remains unconfirmed, but the incident aligns with a broader trend of ransomware targeting critical infrastructure. Though recent attacks on utilities—such as those on U.S.-based American Water Works and the UK’s Southern Water—have not directly compromised public health, experts highlight the growing threat to operational technology (OT) systems.
Spain has seen a rise in ransomware incidents, with past attacks disrupting hospitals and municipalities, including a 2023 breach at Barcelona’s main hospital that led to thousands of canceled appointments. As a member of the International Counter Ransomware Initiative, Spain remains a frequent target in the financially motivated cybercrime landscape.
Source: https://therecord.media/cyberattack-water-supplier-barcelona-spain
Aigües de Mataró TPRM report: https://www.rankiteo.com/company/aigües-de-mataró-sa
"id": "aig1766210089",
"linkid": "aigües-de-mataró-sa",
"type": "Ransomware",
"date": "12/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': '130,000 (population of Mataró)',
'industry': 'Utilities (Water Supply and Sewage)',
'location': 'Mataró, Catalonia, Spain',
'name': 'Aigües de Mataró',
'type': 'Municipal water supplier'}],
'customer_advisories': 'Customers warned about potential phishing attempts '
'and delays in services',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Personal and financial details'},
'date_detected': '2024-06-10',
'date_publicly_disclosed': '2024-06-12',
'description': 'Aigües de Mataró, a Spanish water supplier, announced that '
'its corporate computer systems and website were hit by a '
'cyberattack. Water supplies and quality control systems '
'remained unaffected. The attack was reported to Catalan '
'police and the autonomous community’s cybersecurity agency. '
'Personal and financial data may have been exposed, and '
'customers were warned of potential phishing attempts.',
'impact': {'data_compromised': 'Personal and financial details',
'identity_theft_risk': 'High',
'operational_impact': 'Delays in billing and administrative '
'procedures',
'payment_information_risk': 'High',
'systems_affected': 'Corporate computer systems and website'},
'investigation_status': 'Ongoing',
'motivation': 'Financial',
'references': [{'date_accessed': '2024-06-12',
'source': 'Official statement by Aigües de Mataró'}],
'response': {'communication_strategy': 'Official statement and customer '
'advisories',
'containment_measures': 'Internal controls applied',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes (Catalan police and Catalonia’s '
'cybersecurity agency)',
'remediation_measures': 'Working with Catalonian authorities to '
'recover and restore infrastructure'},
'title': "Cyberattack on Aigües de Mataró's Corporate Systems",
'type': 'Cyberattack'}