{"id":227303,"date":"2026-05-28T18:26:59","date_gmt":"2026-05-28T18:26:59","guid":{"rendered":"https:\/\/teknomers.com\/en\/alcasec-accessed-hundreds-of-thousands-of-banking-details-in-spain-now-facing-prison\/"},"modified":"2026-05-28T18:27:01","modified_gmt":"2026-05-28T18:27:01","slug":"alcasec-accessed-hundreds-of-thousands-of-banking-details-in-spain-now-facing-prison","status":"publish","type":"post","link":"https:\/\/teknomers.com\/en\/alcasec-accessed-hundreds-of-thousands-of-banking-details-in-spain-now-facing-prison\/","title":{"rendered":"Alcasec Accessed Hundreds of Thousands of Banking Details in Spain: Now Facing Prison"},"content":{"rendered":"\n<div>\n<h2>The Alcasec Case: A Disturbing Indicator of Cybersecurity Issues in Spain<\/h2>\n<p>Recent events have brought to light the disturbing realities of cybersecurity in Spain, particularly the case involving Jos\u00e9 Luis Huertas, known as Alcasec. This case doesn\u2019t involve a faceless corporation or distant hackers; rather, it reveals a systemic breach affecting the personal banking data of countless citizens. The implications of this case underscore how personal information has morphed into a high-stakes commodity on the internet.<\/p>\n<h2>The Agreement with Authorities<\/h2>\n<p>The National Court has reached an agreement after the Prosecutor&#8217;s Office laid charges against Alcasec. He has accepted a sentence of two years and seven months in prison for illegal access to computer systems and the revelation of confidential information. Initially, the prosecutor sought a sentence of three years; however, Alcasec\u2019s confession allowed for a reduction in his sentence. Alongside him, his accomplices, Daniel BE and Juan Carlos OG, received sentences of two years and two months, and one year and three months, respectively.<\/p>\n<h2>The Method of Access<\/h2>\n<p>The methodical nature of Alcasec&#8217;s intrusion reveals a sophisticated layer of planning. On October 19, 2021, Alcasec utilized data storage systems from Cherry Servers, a Lithuanian company, under a false identity. His accomplice, Daniel BE, linked to illicit forums, provided Alcasec with a stolen digital certificate from the General Directorate of Traffic. This certificate enabled him to access the SARA network, impersonate officials, and gather sensitive information without raising immediate suspicion.<\/p>\n<h3>The Impersonation Technique<\/h3>\n<p>Following his initial access, Alcasec and Daniel BE executed a deception strategy, creating a fake website masquerading as the Judicial Neutral Point access page. By disseminating a link to this fraudulent site, they managed to trick two officials into entering their credentials. This manipulation highlights that even cybersecurity breaches can hinge on exploiting human error in addition to technical vulnerabilities.<\/p>\n<h3>Massive Data Exfiltration<\/h3>\n<p>Armed with credentials from the duped officials, Alcasec executed an astonishing 438,099 requests to the Tax Agency&#8217;s \u201cextended bank accounts\u201d web service. This was not just a single data query but rather a massive and coordinated effort to siphon sensitive information, showcasing an alarming scale of cybercrime.<\/p>\n<h2>The Sentence Reduction<\/h2>\n<p>The negotiated sentence reflects Alcasec&#8217;s cooperation throughout the investigation, offering codes and passwords in exchange for a lighter sentence. The court acknowledged the mitigating circumstances surrounding his confession, leading to a final sentence of two years and seven months. Additionally, Alcasec has agreed to surrender any seized assets from his criminal activities.<\/p>\n<h2>Ongoing Investigations and Broader Implications<\/h2>\n<p>It&#8217;s important to note that Alcasec has been held in provisional prison for a different cybercrime case involving massive data breaches affecting millions of citizens. He was apprehended alongside Francisco Mart\u00ednez, a former Secretary of State for Security, further complicating the narrative surrounding this case.<\/p>\n<h2>Concluding Thoughts<\/h2>\n<p>This case serves as a potent reminder of the evolving landscape of cybercrime, where perpetrators are no longer confined to simple system intrusions. Instead, it illustrates a troubling trend of chaining access points, abusing real user credentials, and transforming sensitive information into a commodity for sale. The Alcasec case urges citizens and officials alike to remain vigilant in the face of increasingly sophisticated cyber threats.<\/p>\n<p>For further insights into the state of cybersecurity in Spain, one might look at analyses from leading cybersecurity firms, which echo the alarming nature of these breaches.<\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/teknomers.com\/category\/general\/\" rel=\"dofollow\">General News &#8211; 2<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Alcasec Case: A Disturbing Indicator of Cybersecurity Issues in Spain Recent events have brought to light the disturbing realities of cybersecurity in Spain, particularly the case involving Jos\u00e9 Luis Huertas, known as Alcasec. This case doesn\u2019t involve a faceless corporation or distant hackers; rather, it reveals a systemic breach affecting the personal banking data [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":227304,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[36399],"tags":[53122,53121,11120,1198,14106,3734,895,1694,207],"class_list":["post-227303","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-accessed","tag-alcasec","tag-banking","tag-details","tag-facing","tag-hundreds","tag-prison","tag-spain","tag-thousands"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/en\/wp-json\/wp\/v2\/posts\/227303","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/en\/wp-json\/wp\/v2\/comments?post=227303"}],"version-history":[{"count":1,"href":"https:\/\/teknomers.com\/en\/wp-json\/wp\/v2\/posts\/227303\/revisions"}],"predecessor-version":[{"id":227305,"href":"https:\/\/teknomers.com\/en\/wp-json\/wp\/v2\/posts\/227303\/revisions\/227305"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/en\/wp-json\/wp\/v2\/media\/227304"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/en\/wp-json\/wp\/v2\/media?parent=227303"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/en\/wp-json\/wp\/v2\/categories?post=227303"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/en\/wp-json\/wp\/v2\/tags?post=227303"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}