{
	"id": "f2aa99e4-1d5c-402b-9815-c8c7173c36cb",
	"created_at": "2026-04-06T00:16:53.611561Z",
	"updated_at": "2026-04-10T13:11:32.635932Z",
	"deleted_at": null,
	"sha1_hash": "6c567e7f0951300937355f06298aa47d0d44c46e",
	"title": "Alleged LockBit attack shuts down city networks in Seville",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 36122,
	"plain_text": "Alleged LockBit attack shuts down city networks in Seville\r\nBy Joe Warminsky\r\nPublished: 2023-09-07 · Archived: 2026-04-05 19:02:25 UTC\r\nThe city council of Seville, Spain, was still recovering Thursday from a cyberattack that officials have attributed\r\nto the LockBit cybercrime gang.\r\nThe council said it will not pay a ransom of $1.5 million demanded by the hackers, according to local media\r\nreports. The incident has affected a broad range of city services, including police, firefighters and tax collection.\r\nThe attack began Monday, according to city officials, and it was initially identified as an internal system failure.\r\nFurther analysis soon revealed it to be a cyberattack, officials said. LockBit typically extorts victims by encrypting\r\nnetworks and threatening to post stolen data on its leak site.\r\nMayor José Luis Sanz said Thursday that the city was trying to restore services as soon as possible. Seville is the\r\ncapital of Spain’s autonomous Andalusia region and the country’s fourth-largest city overall.\r\nIt is unclear if LockBit has stolen any data, officials said. As of Thursday, there were no reports of LockBit leaking\r\nany data from Seville’s government.\r\nNational police and the incident response unit of Spain’s National Cryptological Center (CCN-CERT) are\r\ninvolved in the investigation.\r\nLockBit has been in the headlines all year, taking credit recently for attacks on an electric utility in Montreal and\r\nhealthcare technology giant Siemens Healthineers. Spain’s national police issued a general nationwide warning\r\nabout LockBit on August 25.\r\nThe attacks have come as analysts have questioned the reliability of the group’s infrastructure, but also noted its\r\ninfluence on the broader ransomware ecosystem.\r\nAVISO IMPORTANTE El Ayuntamiento se ha visto afectado por un ataque informático. Los servicios\r\nse han interrumpido como medida de precaución hasta conocer el alcance concreto del ciberataque.\r\nEstamos trabajando para poder restablecer la normalidad lo antes posible. pic.twitter.com/eOogsOctib\r\n— Ayuntamiento de Sevilla (@Ayto_Sevilla) September 5, 2023\r\nSource: https://therecord.media/lockbit-cyberattack-shuts-down-networks-in-seville-spain\r\nhttps://therecord.media/lockbit-cyberattack-shuts-down-networks-in-seville-spain\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://therecord.media/lockbit-cyberattack-shuts-down-networks-in-seville-spain"
	],
	"report_names": [
		"lockbit-cyberattack-shuts-down-networks-in-seville-spain"
	],
	"threat_actors": [],
	"ts_created_at": 1775434613,
	"ts_updated_at": 1775826692,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/6c567e7f0951300937355f06298aa47d0d44c46e.pdf",
		"text": "https://archive.orkl.eu/6c567e7f0951300937355f06298aa47d0d44c46e.txt",
		"img": "https://archive.orkl.eu/6c567e7f0951300937355f06298aa47d0d44c46e.jpg"
	}
}