Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Ministry of Science and Innovation of Spain

Ministry of Science and Innovation of Spain Vendor Cyber Rating & Cyber Score

gob.es

The Ministry of Science, Innovation and Universities is the department of the Government of Spain responsible for the execution of the policy regarding universities, scientific and technical research, technological development and innovation in all sectors, including the management of international relations in this area and the Spanish representation in programs, forums and international organizations, and the European Union of its competence.


MSIS A.I CyberSecurity Scoring

MSIS
Company Information
Website:http://www.ciencia.gob.es
Employees number:594
Number of followers:141,599
NAICS:92
Industry Type:Government Administration
Homepage:gob.es
MSIS Risk Score (AI oriented)
Between 700 and 749
logo
MSISGovernment Administration
Updated:
06/03/2026
727/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
MSIS Global Score (TPRM)
xxxx
logo
MSISGovernment Administration
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

MSIS
MSISModerate
Current Score
727Ba (MODERATE)
01000
2 incidents
-20 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
730Before Incident
JUNE 2026
730Before Incident
MAY 2026
729Before Incident
APRIL 2026
728Before Incident
MARCH 2026
727Before Incident
FEBRUARY 2026
746Before Incident
Cyber Attack
05 Feb 2026MSIS
Ministry of Science, Innovation and and Universities: Spain's Ministry of Science shuts down systems after breach claims

Spanish Ministry of Science Hit by Cyberattack, Disrupting Critical Services

726After Incident
CRITICAL-20
CIE1770330826
Spanish Ministry of Science Hit by Cyberattack, Disrupting Critical Services Spain’s Ministry of Science, Innovation, and Universities (Ministerio de Ciencia, Innovación y Universidades) has partially shut down its IT systems following a suspected cyberattack, disrupting key services for researchers, universities, and students. The ministry, which oversees science policy, research, and higher education, confirmed a "technical incident" but provided no further details. However, a threat actor claiming responsibility has leaked data samples as proof of the breach. The ministry’s electronic headquarters remains partially offline, suspending administrative procedures while extending deadlines for affected users under Spanish law. A notice on its website assures that measures are in place to protect the rights of those impacted. The attack has been linked to a threat actor using the alias GordonFreeman, who posted stolen data on underground forums, including personal records, email addresses, enrollment applications, and screenshots of official documents. The hacker claims to have exploited an Insecure Direct Object Reference (IDOR) vulnerability, gaining admin-level access to the ministry’s systems. While the leaked data appears legitimate, its authenticity remains unverified. The forum hosting the breach details has since gone offline, and no further leaks have surfaced. Spanish media reports indicate that the ministry has acknowledged the disruption as a cyberattack, though no official statement on the attacker’s claims has been released. The incident highlights growing risks to government systems handling sensitive research and administrative data.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personal records, email addresses, enrollment applications, official documentsSystems Affected: Ministry’s IT systems, electronic headquartersDowntime: Partial shutdown, administrative procedures suspendedOperational Impact: Disruption of key services for researchers, universities, and studentsBrand Reputation Impact: Potential reputational damage due to data leakIdentity Theft Risk: High (personal records and PII exposed)
DATA BREACH
Personal recordsEmail addressesEnrollment applicationsOfficial documentsSensitivity Of Data: High (personally identifiable information, administrative data)Data Exfiltration: Yes (leaked on underground forums)Personally Identifiable Information: Yes
JANUARY 2026
746Before Incident
DECEMBER 2025
746Before Incident
NOVEMBER 2025
745Before Incident
OCTOBER 2025
745Before Incident
SEPTEMBER 2025
744Before Incident
AUGUST 2025
744Before Incident
MARCH 2025
767Before Incident
Cyber Attack
05 Mar 2025MSIS
Spain’s Ministry of Science and Innovation and Universities: Spain Ministry of Science Cyberattack Triggers Partial IT Shutdown

Spain’s Ministry of Science Hit by Cyberattack, Disrupting Research and Education Services

741After Incident
CRITICAL-26
CIE1770374017
Spain’s Ministry of Science Hit by Cyberattack, Disrupting Research and Education Services A cyberattack on Spain’s Ministry of Science, Innovation and Universities has triggered a partial shutdown of critical government IT systems, halting administrative procedures and exposing sensitive data. Initially dismissed as a "technical incident," evidence now confirms the disruption stemmed from a malicious breach, with potential consequences for researchers, students, and businesses nationwide. The ministry acknowledged the outage in a public notice, suspending all ongoing procedures and extending deadlines under Article 32 of Law 39/2015 until systems are restored. While officials emphasized safeguards for affected users, the lack of early transparency fueled concerns later amplified when a threat actor, "GordonFreeman," claimed responsibility on underground forums. The attacker alleged exploiting an Insecure Direct Object Reference (IDOR) vulnerability to gain "full-admin-level access," sharing unverified screenshots of internal documents, email addresses, and enrollment records. Spanish media reported that the ministry linked the disruption to a cyberattack, though the extent of the breach remains under investigation. The leaked samples including scanned IDs, passports, IBAN numbers, academic transcripts, and personal curricula suggest severe privacy risks if confirmed. Spain’s cybercrime surge compounds the incident’s impact. With attacks rising 35% this year and a 750% spike in early 2025, the country became the most targeted globally in March 2025, accounting for 22.6% of all cyber incidents. Ransomware attacks, up 120%, increasingly target underprotected public institutions, exacerbated by rapid digital expansion outpacing cybersecurity investments. The breach underscores vulnerabilities in Spain’s public-sector infrastructure, where weak defenses turn digital services into liabilities. As the ministry works to contain the fallout, the incident highlights broader systemic gaps in national cybersecurity.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Scanned IDs, passports, IBAN numbers, academic transcripts, personal curricula, email addresses, enrollment recordsSystems Affected: Government IT systems, administrative proceduresOperational Impact: Partial shutdown of critical systems, suspension of administrative proceduresBrand Reputation Impact: SevereIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Personally Identifiable Information (PII)Financial InformationAcademic RecordsSensitivity Of Data: HighData Exfiltration: Alleged (screenshots shared on underground forums)Scanned IDsPassportsIBAN numbersAcademic transcriptsPersonal curriculaPersonally Identifiable Information: Yes

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for MSIS ?
?
What was MSIS's A.I Rankiteo Cyber Score in June 2026 ?
?
What was MSIS's A.I Rankiteo Cyber Score in May 2026 ?
?
What was MSIS's A.I Rankiteo Cyber Score in April 2026 ?
?
What was MSIS's A.I Rankiteo Cyber Score in March 2026 ?
?
What was MSIS's A.I Rankiteo Cyber Score in February 2026 ?
?
What was MSIS's A.I Rankiteo Cyber Score in January 2026 ?
?
What was MSIS's A.I Rankiteo Cyber Score in December 2025 ?
?
What was MSIS's A.I Rankiteo Cyber Score in November 2025 ?
?
What was MSIS's A.I Rankiteo Cyber Score in October 2025 ?
?
What was MSIS's A.I Rankiteo Cyber Score in September 2025 ?
?
What was MSIS's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on MSIS's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with MSIS ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view MSIS's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?