RTVE aspirant data exposed.

07/08/2024

On August 6th, RTVE became aware of a security incident on the corporate aspirant platform managed by the company CEGOS. This cybersecurity incident was due to the unauthorized download of data of some of the participants in the aspirant processes. The incident occurred despite the fact that RTVE has all the required security measures, such as ISO 27001, among others.

Faced with this situation, RTVE blocked all access to the platform, following its internal data security breach procedure, restoring the service hours later. In addition, both the Police and the relevant agencies (AEPD and INCIBE) were notified.

The affected entity has initiated an investigation to clarify what happened and has demanded that CEGOS comply with data protection obligations through an audit of the incident, and has asked it to inform interested parties when the information is available.

References

07/08/2024

rtve.es

Tras detectar un incidente de seguridad, RTVE denuncia la descarga no autorizada de datos de la plataforma de sus oposiciones que gestiona CEGOS
07/08/2024

abc.es

RTVE denuncia un fallo de seguridad que ha expuesto datos personales de la plataforma de sus oposiciones
07/08/2024

elmundo.es

RTVE denuncia ante la Policía un grave incidente de seguridad que deja al descubierto cientos de datos personales de sus opositores
07/08/2024

eldiario.es

RTVE denuncia la brecha de seguridad que ha permitido el acceso a los datos privados de sus opositores

Etiquetas