Skip to content

Spanish bank Globalcaja faces ransomware attack

  • by
  • 2 min read

Globalcaja, a major Spanish bank with an extensive network of 300 offices and nearly half a million customers has fallen victim to a notorious ransomware group known as Play.

The attack has reportedly resulted in the theft of sensitive private and personal information, including passport scans, contracts, and documents belonging to clients and employees. However, the exact extent of the data breach has not been disclosed by the attackers.

As of now, Globalcaja has not made a definitive statement regarding whether or not they will pay the ransom demanded by the Play ransomware gang. On the positive side, there is no evidence to suggest that customers’ actual bank accounts or transactions have been compromised.

“It has not affected the transactions of the entities (nor the accounts or the agreements of clients.) The offices are operating with total normality when it comes to electronic banking and ATMs,” the bank said in a statement.

Nevertheless, if the bank chooses not to comply with eh ransom demands, there is a possibility that all the stolen data will be leaked online. This poses a significant threat, considering the nature of the pilfered information, which could potentially lead to various problems for those affected.

The Play ransomware gang has a history of leading data when victims refuse to pay the ransom. In December 2022, the gang breached Digipolis IT company in Antwerp, Belgium. Similarly, the group targeted the city of Oakland, resulting in the gradual release of stolen data after several service disruptions caused widespread anger.

Their tactics typically involve disrupting systems and exfiltrating data whenever possible. As of now, Globalcaja has not provided any further details regarding the incident. Customers and clients are advised to monitor the bank’s official website and social media channels for updates in the short term. The supposed deadline for the publication of the stolen information is June 11.

The Play ransomware gang emerged in various forums sometime in June or July 2022 and since then the gang has risen to notoriety for attacks on important infrastructure and other targets.

In the News: WWDC 2023: 10 key announcements

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: