RTVE aspirant data exposed.
On August 6th, RTVE became aware of a security incident on the corporate aspirant platform managed by the company CEGOS. This cybersecurity incident was due to the unauthorized download of data of some of the participants in the aspirant processes. The incident occurred despite the fact that RTVE has all the required security measures, such as ISO 27001, among others.
Faced with this situation, RTVE blocked all access to the platform, following its internal data security breach procedure, restoring the service hours later. In addition, both the Police and the relevant agencies (AEPD and INCIBE) were notified.
The affected entity has initiated an investigation to clarify what happened and has demanded that CEGOS comply with data protection obligations through an audit of the incident, and has asked it to inform interested parties when the information is available.